CVE-2017-1000068

EPSS 0.41%
Veröffentlicht 17.07.2017 13:18:18
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Betterment ≫ Testtrack Version <= 1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.41%	0.581

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://github.com/Betterment/test_track/releases/tag/v1.0.1

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-1000068

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-1000068

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-1000068

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2017-1000068