NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2016-15014

概要	A vulnerability has been found in CESNET theme-cesnet up to 1.x on ownCloud and classified as problematic. Affected by this vulnerability is an unknown functionality of the file cesnet/core/lostpassword/templates/resetpassword.php. The manipulation leads to insufficiently protected credentials. Attacking locally is a requirement. Upgrading to version 2.0.0 is able to address this issue. The identifier of the patch is 2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6. It is recommended to upgrade the affected component. The identifier VDB-217633 was assigned to this vulnerability.
公表日	2023年1月8日5:15
登録日	2023年1月8日10:00
最終更新日	2024年11月21日11:45

CVSS3.1 : MEDIUM
スコア	5.5
ベクター	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	低
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	なし
可用性への影響(A)	なし

影響を受けるソフトウェアの構成

構成1		以上	以下	より上	未満
cpe:2.3:a:cesnet:theme-cesnet::::::::					2.0.0

関連情報、対策とツール

No	URL	refsource	タグ
1	https://github.com/CESNET/theme-cesnet/commit/2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6		Patch Third Party Advisory
2	https://github.com/CESNET/theme-cesnet/commit/2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6		Patch Third Party Advisory
3	https://github.com/CESNET/theme-cesnet/pull/1		Patch Third Party Advisory
4	https://github.com/CESNET/theme-cesnet/pull/1		Patch Third Party Advisory
5	https://github.com/CESNET/theme-cesnet/releases/tag/2.0.0		Third Party Advisory
6	https://github.com/CESNET/theme-cesnet/releases/tag/2.0.0		Third Party Advisory
7	https://vuldb.com/?ctiid.217633		Third Party Advisory VDB Entry
8	https://vuldb.com/?ctiid.217633		Third Party Advisory VDB Entry
9	https://vuldb.com/?id.217633		Third Party Advisory VDB Entry
10	https://vuldb.com/?id.217633		Third Party Advisory VDB Entry

共通脆弱性一覧