- Description
- eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:efilecabinet:efilecabinet:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66003C19-7750-47FD-AE9C-86D11744E819",
"versionEndIncluding": "3.3"
}
],
"operator": "OR"
}
]
}
]