CVE-2008-3717

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
harmoniharmoni
𝑥
≤ 1.4.7
harmoniharmoni
0.0.2
harmoniharmoni
0.0.3
harmoniharmoni
0.0.4
harmoniharmoni
0.0.5
harmoniharmoni
0.1.0
harmoniharmoni
0.2.0
harmoniharmoni
0.3.0
harmoniharmoni
0.3.1
harmoniharmoni
0.3.2
harmoniharmoni
0.5.1
harmoniharmoni
0.6.0
harmoniharmoni
0.6.2
harmoniharmoni
0.7.0
harmoniharmoni
0.7.1
harmoniharmoni
0.7.2
harmoniharmoni
0.7.6
harmoniharmoni
0.7.7
harmoniharmoni
0.9.0
harmoniharmoni
0.10.1
harmoniharmoni
0.11.0
harmoniharmoni
0.12.0
harmoniharmoni
0.12.1
harmoniharmoni
0.12.3
harmoniharmoni
0.13.0
harmoniharmoni
0.13.1
harmoniharmoni
0.13.2
harmoniharmoni
0.13.3
harmoniharmoni
0.13.4
harmoniharmoni
0.13.5
harmoniharmoni
0.13.6
harmoniharmoni
0.13.7
harmoniharmoni
1.0.0
harmoniharmoni
1.0.1
harmoniharmoni
1.0.2
harmoniharmoni
1.0.3
harmoniharmoni
1.0.5
harmoniharmoni
1.0.6
harmoniharmoni
1.1.0
harmoniharmoni
1.3.0
harmoniharmoni
1.3.2
harmoniharmoni
1.3.4
harmoniharmoni
1.3.5
harmoniharmoni
1.4.2
harmoniharmoni
1.4.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/31503
http://sourceforge.net/project/shownotes.php?release_id=619864
http://sourceforge.net/tracker/index.php?func=detail&aid=2040324&group_id=82171&atid=1098812
http://www.securityfocus.com/bid/30706
https://exchange.xforce.ibmcloud.com/vulnerabilities/44485
http://secunia.com/advisories/31503
http://sourceforge.net/project/shownotes.php?release_id=619864
http://sourceforge.net/tracker/index.php?func=detail&aid=2040324&group_id=82171&atid=1098812
http://www.securityfocus.com/bid/30706
https://exchange.xforce.ibmcloud.com/vulnerabilities/44485