CVE-2018-9839 Vulnerability Details

  /     /     /  

CVE-2018-9839 Metadata Quick Info

CVE Published: 06/06/2019 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: mitre | Vendor: n/a | Product: n/a
Status : PUBLISHED

CVE-2018-9839 Description

An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the \'m_id\' parameter), any user with REPORTER access or above is able to view any private issue\'s details (summary, description, steps to reproduce, additional information) when cloning it. By checking the \'Copy issue notes\' and \'Copy attachments\' checkboxes and completing the clone operation, this data also becomes public (except private notes).

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2018-9839 Vulnerability Details