CVE-2008-7100

Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
dotnetnukedotnetnuke
4.4.1
dotnetnukedotnetnuke
4.5.2
dotnetnukedotnetnuke
4.5.4
dotnetnukedotnetnuke
4.5.5
dotnetnukedotnetnuke
4.6.0
dotnetnukedotnetnuke
4.6.1
dotnetnukedotnetnuke
4.6.2
dotnetnukedotnetnuke
4.7.0
dotnetnukedotnetnuke
4.8.0
dotnetnukedotnetnuke
4.8.1
dotnetnukedotnetnuke
4.8.2
dotnetnukedotnetnuke
4.8.3
dotnetnukedotnetnuke
4.8.4
𝑥
= Vulnerable software versions
References
http://osvdb.org/48343
http://secunia.com/advisories/31893
http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx
http://www.securityfocus.com/bid/31145
https://exchange.xforce.ibmcloud.com/vulnerabilities/45081
http://osvdb.org/48343
http://secunia.com/advisories/31893
http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx
http://www.securityfocus.com/bid/31145
https://exchange.xforce.ibmcloud.com/vulnerabilities/45081