NVD

Id
57643  
Name
CVE-2007-5578  
Description
Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qry_alert.php, and possibly other vectors.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-10-18  
Modified Date
2008-09-05  
Seq
2007-5578  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
294951 57643 CVE-2007-5578 20070604 Kevin Johnson BASE <= 1.3.6 authentication bypass  View
294952 57643 CVE-2007-5578 20070606 Kevin Johnson BASE <= 1.3.6 authentication bypass  View
294953 57643 CVE-2007-5578 http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=521723  View
294954 57643 CVE-2007-5578 24315  View
294955 57643 CVE-2007-5578 base-basemain-security-bypass(34724)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57548 JVNDB-2007-006240 BASE における認証を回避される脆弱性 Basic Analysis and Security Engine (BASE) は、存在しないリダイレクトを Web ブラウザに送信するため、認証を回避される脆弱性が存在します。 CVE-2007-5578 28933 CVE-2007-5578 57643 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006240.html 2007-10-18 2012-12-20 View