CVE-2017-15235
Published: 2017-10-11
Priority: P2 · 62 · high · CVSS 3.0 base score 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 5.53% (91.8th percentile)
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | php-horde-gollem | < php-horde-gollem 3.0.12-1 (bookworm) | php-horde-gollem 3.0.12-1 (bookworm) |
| horde | groupware | — | — |
Detection & IOCs (extracted from sources)
- Alert on unauthenticated GET requests to the Horde download endpoint containing both 'app=gollem' and a 'fn' parameter with a leading '/' metacharacter.
- The vulnerability is specific to gollem module version 3.0.11 / Horde Groupware 5.2.21; it is resolved in gollem 3.0.12-1.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
GHSA
GHSA-h443-49fc-9w7v · ghsa_unreviewed · 2022-05-13 · HIGH · CWE-425
OSV
CVE-2017-15235 · osv · 2017-10-11 · CVSS 7.5 · HIGH
Debian
php-horde-gollem · vendor_debian · 2017 · CVSS 7.5 · HIGH
Scope: local
bookworm: resolved (fixed in 3.0.12-1)
bullseye: resolved (fixed in 3.0.12-1)
sid: resolved (fixed in 3.0.12-1)
No detection rules found.
No writeups or analysis indexed.