CVE-2006-0153

High

7.5/10

Summary

427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and usertype cookies, which allows remote attackers to bypass authentication by using a valid username and usertype and setting the authenticated cookie.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Jan 10, 2006

CVE-2006-0153

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS