Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2682

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2682
Last Modified 10 Sep 2008 09:11:09
Published 12 Jun 2008 08:21:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2682

Summary

_RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID.

Vulnerable Systems

Application

  • Realm Project Realm Cms 2.3


References

XF - realm-login-authentication-bypass(42960)

BID - 29616

MILW0RM - 5766

SECUNIA - 30583

MISC - http://bugreport.ir/index.php?/40


Last Updated: 27 May 2016 10:47:57