Vulnerability Details CVE-2015-7503
Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 48.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2015-7503
-
cpe:2.3:a:zend:zend_framework:2.4.0
-
cpe:2.3:a:zend:zend_framework:2.4.1
-
cpe:2.3:a:zend:zend_framework:2.4.2
-
cpe:2.3:a:zend:zend_framework:2.4.3
-
cpe:2.3:a:zend:zend_framework:2.4.4
-
cpe:2.3:a:zend:zend_framework:2.4.5
-
cpe:2.3:a:zend:zend_framework:2.4.6
-
cpe:2.3:a:zend:zend_framework:2.4.7
-
cpe:2.3:a:zend:zend_framework:2.4.8
-
cpe:2.3:a:zend:zend_framework:2.5.0
-
cpe:2.3:a:zend:zend_framework:2.5.1