Home > Vulnerability Database > CVE-2007-2849

Mend.io Vulnerability Database

CVE-2007-2849

Date: May 24, 2007

KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.

Severity Score

9.8

Related Resources (10)

Url: http://www.vupen.com/english/advisories/2007/1920

Url: http://sourceforge.net/project/shownotes.php?release_id=510338

Url: http://secunia.com/advisories/25360

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-2849

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/34463

Url: http://www.securityfocus.com/bid/24110

Url: http://osvdb.org/36578

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-2849

Url: http://sourceforge.net/forum/forum.php?forum_id=698243

Url: https://www.mend.io/vulnerability-database/CVE-2007-2849

Severity Score

9.8

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-2849

Date: May 24, 2007

Severity Score

Related Resources (10)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?