6.5
CVE-2016-4896
- EPSS 1.35%
- Veröffentlicht 12.04.2017 22:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginSetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Setucocms Project ≫ Setucocms Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.35% | 0.678 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 3.9 | 2.5 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
http://jvn.jp/en/jp/JVN80157683/index.html
http://www.securityfocus.com/bid/93475
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000201.html