CVE-2018-1286

In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users.
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:openmeetings:*:*:*:*:*:*:*:*

History

07 Nov 2023, 02:55

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/dc2151baa5301bae773603cede0d62c21ee28588dd06e5e9253c13a8@%3Cuser.openmeetings.apache.org%3E', 'name': '[user] 20180225 [ANNOUNCE] CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls', 'tags': ['Vendor Advisory'], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/dc2151baa5301bae773603cede0d62c21ee28588dd06e5e9253c13a8%40%3Cuser.openmeetings.apache.org%3E -

Information

Published : 2018-02-28 18:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-1286

Mitre link : CVE-2018-1286

CVE.ORG link : CVE-2018-1286


JSON object : View

Products Affected

apache

  • openmeetings
CWE
CWE-287

Improper Authentication