CVE-2008-5812 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	10 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 58%

Affected Products (NVD)

Vendor	Product	Version
spip	spip	1.8
spip	spip	1.8.1
spip	spip	1.8.2
spip	spip	1.8.2b:b
spip	spip	1.8.3
spip	spip	1.8b1:b1
spip	spip	1.8b2:b2
spip	spip	1.8b3:b3
spip	spip	1.8b4:b4
spip	spip	1.8b5:b5
spip	spip	1.8b6:b6
spip	spip	1.9.0
spip	spip	1.9.1:rev7385
spip	spip	1.9.1:rev7502
spip	spip	1.9.2
spip	spip	1.9.2f:f
spip	spip	2.0.0
spip	spip	2.0.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

spip

bullseye	3.2.11-3+deb11u10 fixed
bullseye (security)	3.2.11-3+deb11u7 fixed
sid	4.3.3+dfsg-1 fixed
trixie	4.3.3+dfsg-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

spip

dapper	ignored
gutsy	dne
hardy	dne
intrepid	dne
jaunty	dne
karmic	not-affected

References

http://secunia.com/advisories/33307

http://www.securityfocus.com/bid/33061

http://www.spip-contrib.net/SPIP-1-8-3b-1-9-2g-2-2

https://exchange.xforce.ibmcloud.com/vulnerabilities/47695

http://secunia.com/advisories/33307

http://www.securityfocus.com/bid/33061

http://www.spip-contrib.net/SPIP-1-8-3b-1-9-2g-2-2

https://exchange.xforce.ibmcloud.com/vulnerabilities/47695