Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2301

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-2301
Last Modified 13 May 2014 11:22:02
Published 12 May 2014 10:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2301

Summary

OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive metadata via the inf operations (op=inf) to an object in pub/bscw.cgi/.

Vulnerable Systems

Application

  • Bscw 5.0.7


References

MISC - https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-003/-metadata-information-disclosure-in-orbiteam-bscw

BUGTRAQ - 20140508 [RT-SA-2014-003] Metadata Information Disclosure in OrbiTeam BSCW

MISC - http://www.bscw.de/english/news.html


Last Updated: 27 May 2016 11:05:16