Vulnerabilities (CVE)

Filtered by vendor Berkeley Subscribe
Filtered by product Berkeley Open Infrastructure For Network Computing
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000875 1 Berkeley 1 Berkeley Open Infrastructure For Network Computing 2024-11-21 7.5 HIGH 9.8 CRITICAL
Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3.