Credentials Management Errors

CVE-2007-6661

Medium

6.4/10

Summary

2z project 0.9.6.1 allows attackers to change the password without supplying the old password.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: NONE

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

Published Jan 04, 2008