CVE-2015-10025 Vulnerability Details

  /     /     /  

CVE-2015-10025 Metadata Quick Info

CVE Published: 07/01/2023 | CVE Updated: 06/08/2024 | CVE Year: 2015
Source: VulDB | Vendor: luelista | Product: miniConf
Status : PUBLISHED

---

CVE-2015-10025 Description

A vulnerability has been found in luelista miniConf up to 1.7.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file miniConf/MessageView.cs of the component URL Scanning. The manipulation leads to denial of service. Upgrading to version 1.7.7 and 1.8.0 is able to address this issue. The patch is named c06c2e5116c306e4e1bc79779f0eda2d1182f655. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217615.

Metrics

CVSS Version: 3.1 | Base Score: 3.5 LOW
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-404
CWE Name: CWE-404 Denial of Service
Source: luelista

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).