Vulnerability Details : CVE-2002-1058
Potential exploit
Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cookie that point to an alternate session file.
Vulnerability category: Directory traversal
Products affected by CVE-2002-1058
- cpe:2.3:a:cobalt:qube:3.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2002-1058
3.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-1058
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2002-1058
-
http://www.iss.net/security_center/static/9669.php
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/5297
Exploit;Patch;Vendor Advisory
-
http://archives.neohapsis.com/archives/bugtraq/2002-07/0261.html
Jump to