Vulnerability Description
Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the administrator. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netious Cms | Netious Cms | 0.4 |
References
- http://secunia.com/advisories/21347Vendor Advisory
- http://www.osvdb.org/27789
- http://www.securityfocus.com/bid/19421
- http://www.vupen.com/english/advisories/2006/3167
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28264
- http://secunia.com/advisories/21347Vendor Advisory
- http://www.osvdb.org/27789
- http://www.securityfocus.com/bid/19421
- http://www.vupen.com/english/advisories/2006/3167
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28264
FAQ
What is CVE-2006-4048?
CVE-2006-4048 is a vulnerability with a CVSS score of 7.5 (HIGH). Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the admi...
How severe is CVE-2006-4048?
CVE-2006-4048 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4048?
Check the references section above for vendor advisories and patch information. Affected products include: Netious Cms Netious Cms.