Vulnerability Description
eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Efilecabinet | Efilecabinet | <= 3.3 |
References
- http://osvdb.org/34774
- http://securityreason.com/securityalert/2696
- http://www.securityfocus.com/archive/1/468314/100/0/threaded
- http://www.securityfocus.com/bid/23944
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34251
- http://osvdb.org/34774
- http://securityreason.com/securityalert/2696
- http://www.securityfocus.com/archive/1/468314/100/0/threaded
- http://www.securityfocus.com/bid/23944
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34251
FAQ
What is CVE-2007-2638?
CVE-2007-2638 is a vulnerability with a CVSS score of 10.0 (HIGH). eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive informati...
How severe is CVE-2007-2638?
CVE-2007-2638 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2638?
Check the references section above for vendor advisories and patch information. Affected products include: Efilecabinet Efilecabinet.