SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2007-6487

Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 6.8
Impact Score: 4.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE

Reference:

SECUNIA-28059

OSVDB-42632

http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege

http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/

webgui-admin-security-bypass(39041)


30479



423868



248149



909



194803



282