CVE-2006-0685 : The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when au

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.

Published 2006-02-15 00:02:00

Updated 2018-10-19 15:45:52

Source MITRE

View at NVD, CVE.org

Vulnerability category: Bypass

Exploit prediction scoring system (EPSS) score for CVE-2006-0685

Probability of exploitation activity in the next 30 days: 8.91%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-0685

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2006-0685

Products affected by CVE-2006-0685

Virtual Hosting Control System » Virtual Hosting Control System
Versions up to, including, (<=) 2.4.7.1
cpe:2.3:a:virtual_hosting_control_system:virtual_hosting_control_system:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-0685

Exploit prediction scoring system (EPSS) score for CVE-2006-0685

CVSS scores for CVE-2006-0685

References for CVE-2006-0685

Products affected by CVE-2006-0685