7.5
CVSSv2

CVE-2015-6816

Published: 09/08/2017 Updated: 20/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

ganglia-web prior to 3.7.1 allows remote malicious users to bypass authentication.

Affected Products

Vendor Product Versions
GangliaGanglia-web3.7.0
FedoraprojectFedora21, 22, 23

Vendor Advisories

Debian Bug report logs - #798213 ganglia-web: CVE-2015-6816: auth bypass Package: src:ganglia-web; Maintainer for src:ganglia-web is Debian Monitoring Maintainers <pkg-monitoring-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 6 Sep 2015 20:48:01 UTC Severity: i ...
Ganglia-web auth can be bypassed using boolean serialization (CVE-2015-6816 ) ...