Vulnerability Description
The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Knowledgetree Document Management | Knowledgetree Document Management | <= 3.5.4 |
References
- http://issues.knowledgetree.com/browse/KTS-3921
- http://secunia.com/advisories/33277PatchVendor Advisory
- http://wiki.knowledgetree.com/Version_3.5.4a#Security
- http://www.securityfocus.com/bid/32920Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47530
- http://issues.knowledgetree.com/browse/KTS-3921
- http://secunia.com/advisories/33277PatchVendor Advisory
- http://wiki.knowledgetree.com/Version_3.5.4a#Security
- http://www.securityfocus.com/bid/32920Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47530
FAQ
What is CVE-2008-5857?
CVE-2008-5857 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
How severe is CVE-2008-5857?
CVE-2008-5857 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5857?
Check the references section above for vendor advisories and patch information. Affected products include: Knowledgetree Document Management Knowledgetree Document Management.