CVE-2006-3147

high

Description

Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords via unspecified vectors. NOTE: due to the lack of precise details, it is not clear whether this is related to a previously disclosed issue such as CVE-2005-1788.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/27340

http://www.vupen.com/english/advisories/2006/2459

http://www.securityfocus.com/bid/18565

http://www.osvdb.org/26693

http://securitytracker.com/id?1016444

http://secunia.com/advisories/20743

http://hostingcontroller.com/english/logs/hotfixlogv61_3_2.html

Details

Source: Mitre, NVD

Published: 2006-06-22

Updated: 2017-07-20

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High