CVE-2007-3945

3 documents3 sources
Severity
6.4MEDIUM
EPSS
0.8%
top 25.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Rsbac Rule SET Based Access Control
Timeline
PublishedJul 23
Latest updateMay 1

Description

Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-6qpx-xqgc-8jcg: Rule Set Based Access Control (RSBAC) before 12022-05-01
CVEList
CVE-2007-3945: Rule Set Based Access Control (RSBAC) before 12007-07-23
CVE-2007-3945 (MEDIUM CVSS 6.4) | Rule Set Based Access Control (RSBA | cvebase.io