CVE-2007-1966

Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie.

CVSS v3 9.1 CRITICAL
CVSS v2.0 5.0 MEDIUM

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://marc.info/?l=bugtraq&m=117570977117962&w=2	Patch Vendor Advisory
http://www.majorsecurity.de/index_2.php?major_rls=major_rls38	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=117570977117962&w=2	Patch Vendor Advisory
http://www.majorsecurity.de/index_2.php?major_rls=major_rls38	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:exv2:content_management_system:2.0.4.3:*:*:*:*:*:*:*

History

03 Apr 2025, 15:15

Type	Values Removed	Values Added
CVSS	v2 : ~~5.0~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 9.1

Information

Published : 2007-04-11 10:19

Updated : 2025-04-09 00:30

NVD link : CVE-2007-1966

Mitre link : CVE-2007-1966

CVE.ORG link : CVE-2007-1966

JSON object : View

Products Affected

exv2

content_management_system

CWE

CWE-287

Improper Authentication

{"id": "CVE-2007-1966", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2007-04-11T10:19:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=117570977117962&w=2", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls38", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=117570977117962&w=2", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls38", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie."}, {"lang": "es", "value": "Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en eXV2 CMS 2.0.4.3 y anteriores permite a atacantes remotos secuestrar sesiones web estableciendo la cookie PHPSESSID."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:exv2:content_management_system:2.0.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1BF0984-3971-46C8-A397-E3ACEACD522F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}