Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2015-2203

Published: 01/02/2018 Updated: 07/11/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Subscribe to Evergreen

Vulnerability Summary

Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL.

Vulnerable Product Search on Vulmon Subscribe to Product

evergreen-ils evergreen 2.7.4

evergreen-ils evergreen 2.6.7

evergreen-ils evergreen 2.5.9

References

CWE-200https://bugs.launchpad.net/evergreen/+bug/1206589http://www.securityfocus.com/bid/72885http://www.openwall.com/lists/oss-security/2015/03/04/3http://evergreen-ils.org/security-releases-evergreen-2-7-4-2-6-7-and-2-5-9/http://evergreen-ils.org/downloads/ChangeLog-2.7.3-2.7.4http://evergreen-ils.org/downloads/ChangeLog-2.6.6-2.6.7http://evergreen-ils.org/downloads/ChangeLog-2.5.8-2.5.9http://git.evergreen-ils.org/?p=Evergreen.git%3Ba=commit%3Bh=ac588e879cf73ff1b65617e0bd273361d3529063https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook