Vulnerability Details CVE-2017-15883
Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://knowledgebase.progress.com/articles/Article/Sitefinity-Security-Advisory-for-cryptographic-vulnerability-CVE-2017-15883
- https://www.mnemonic.no/news/2017/vulnerability-finding-sitefinity-cms/
- https://knowledgebase.progress.com/articles/Article/Sitefinity-Security-Advisory-for-cryptographic-vulnerability-CVE-2017-15883
- https://www.mnemonic.no/news/2017/vulnerability-finding-sitefinity-cms/
Products affected by CVE-2017-15883
-
cpe:2.3:a:progress:sitefinity:10.0
-
cpe:2.3:a:progress:sitefinity:10.1
-
cpe:2.3:a:progress:sitefinity:5.1
-
cpe:2.3:a:progress:sitefinity:5.2
-
cpe:2.3:a:progress:sitefinity:5.3
-
cpe:2.3:a:progress:sitefinity:5.4
-
cpe:2.3:a:progress:sitefinity:6.0
-
cpe:2.3:a:progress:sitefinity:6.1
-
cpe:2.3:a:progress:sitefinity:6.2
-
cpe:2.3:a:progress:sitefinity:6.3
-
cpe:2.3:a:progress:sitefinity:7.0
-
cpe:2.3:a:progress:sitefinity:7.1
-
cpe:2.3:a:progress:sitefinity:7.2
-
cpe:2.3:a:progress:sitefinity:7.3
-
cpe:2.3:a:progress:sitefinity:8.0
-
cpe:2.3:a:progress:sitefinity:8.1
-
cpe:2.3:a:progress:sitefinity:8.2
-
cpe:2.3:a:progress:sitefinity:9.0
-
cpe:2.3:a:progress:sitefinity:9.1
-
cpe:2.3:a:progress:sitefinity:9.2