Vulnerability Details CVE-2018-1286
In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2018-1286
-
cpe:2.3:a:apache:openmeetings:3.0.0
-
cpe:2.3:a:apache:openmeetings:3.0.1
-
cpe:2.3:a:apache:openmeetings:3.0.2
-
cpe:2.3:a:apache:openmeetings:3.0.3
-
cpe:2.3:a:apache:openmeetings:3.0.4
-
cpe:2.3:a:apache:openmeetings:3.0.5
-
cpe:2.3:a:apache:openmeetings:3.0.6
-
cpe:2.3:a:apache:openmeetings:3.0.7
-
cpe:2.3:a:apache:openmeetings:3.1.0
-
cpe:2.3:a:apache:openmeetings:3.1.1
-
cpe:2.3:a:apache:openmeetings:3.1.2
-
cpe:2.3:a:apache:openmeetings:3.1.3
-
cpe:2.3:a:apache:openmeetings:3.1.4
-
cpe:2.3:a:apache:openmeetings:3.1.5
-
cpe:2.3:a:apache:openmeetings:3.2.0
-
cpe:2.3:a:apache:openmeetings:3.2.1
-
cpe:2.3:a:apache:openmeetings:3.3.0
-
cpe:2.3:a:apache:openmeetings:3.3.1
-
cpe:2.3:a:apache:openmeetings:3.3.2
-
cpe:2.3:a:apache:openmeetings:4.0.0
-
cpe:2.3:a:apache:openmeetings:4.0.1