Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by holdennb
CVE-2014-125060 (GCVE-0-2014-125060)
Vulnerability from cvelistv5 – Published: 2023-01-07 12:44 – Updated: 2024-08-06 14:10
VLAI
Title
holdennb CollabCal calenderServer.cpp handleGet improper authentication
Summary
A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability.
Severity
7.3 (High)
7.3 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.217614 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.217614 | signaturepermissions-required |
| https://github.com/holdennb/CollabCal/commit/b80f… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217614"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217614"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CollabCal",
"vendor": "holdennb",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in holdennb CollabCal gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist die Funktion handleGet der Datei calenderServer.cpp. Dank Manipulation mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Patch wird als b80f6d1893607c99e5113967592417d0fe310ce6 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T06:27:39.390Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217614"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217614"
},
{
"tags": [
"patch"
],
"url": "https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-07T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-29T20:52:21.000Z",
"value": "VulDB entry last update"
}
],
"title": "holdennb CollabCal calenderServer.cpp handleGet improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125060",
"datePublished": "2023-01-07T12:44:59.019Z",
"dateReserved": "2023-01-07T12:44:23.196Z",
"dateUpdated": "2024-08-06T14:10:56.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-125060 (GCVE-0-2014-125060)
Vulnerability from nvd – Published: 2023-01-07 12:44 – Updated: 2024-08-06 14:10
VLAI
Title
holdennb CollabCal calenderServer.cpp handleGet improper authentication
Summary
A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability.
Severity
7.3 (High)
7.3 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.217614 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.217614 | signaturepermissions-required |
| https://github.com/holdennb/CollabCal/commit/b80f… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217614"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217614"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CollabCal",
"vendor": "holdennb",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in holdennb CollabCal gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist die Funktion handleGet der Datei calenderServer.cpp. Dank Manipulation mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Patch wird als b80f6d1893607c99e5113967592417d0fe310ce6 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T06:27:39.390Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217614"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217614"
},
{
"tags": [
"patch"
],
"url": "https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-07T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-29T20:52:21.000Z",
"value": "VulDB entry last update"
}
],
"title": "holdennb CollabCal calenderServer.cpp handleGet improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125060",
"datePublished": "2023-01-07T12:44:59.019Z",
"dateReserved": "2023-01-07T12:44:23.196Z",
"dateUpdated": "2024-08-06T14:10:56.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}