CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1000547

coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to. .

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.1%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://github.com/tsolucio/corebos/blob/287780a61f98adca1fa631ae6e5de346947c7f81/modules/Contacts/EditView.php#L54
https://github.com/tsolucio/corebos/blob/287780a61f98adca1fa631ae6e5de346947c7f81/modules/Contacts/EditView.php#L54

Products affected by CVE-2018-1000547

Corebos » Corebos » Version: N/A

cpe:2.3:a:corebos:corebos:-
Corebos » Corebos » Version: 5.4

cpe:2.3:a:corebos:corebos:5.4
Corebos » Corebos » Version: 5.5

cpe:2.3:a:corebos:corebos:5.5
Corebos » Corebos » Version: 7.0

cpe:2.3:a:corebos:corebos:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000547

Products

Pricing

Contact Us