|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
Basic Analysis and Security Engine (BASE) contains a flaw that may allow a malicious user to gain full privileges without authentication. The issue is triggered when using HTTP client that does not follow redirects. It is possible that the flaw may allow unauthorized administrative access resulting in a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Authentication Management
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
OSVDB:
Web Related
|
|
Technical |
This vulnerability is only present when BASE built in authentication system is used and not with Web server authentication system.
|
|
Solution |
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
|
|
Products |
|
Basic Analysis and Security Engine (BASE)
 |
1.1 (elizabeth) |
1.1.2 (zora) |
1.1.3 (lynn) |
1.1.4 (cheryl) |
1.2.0 (betty) |
1.2.1 (kris) |
1.2.2 (cindy) |
1.2.4 (melissa) |
1.2.5 (sarah) |
1.2.6 (christine) |
1.2.7 (karen) |
1.3.5 (marie) |
1.3.6 (louise) |
|
|
|
|
|
|
|
Credit |
- Johnny Storm - johhny653
 gmail.com -
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
