CVE-2008-7100

Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
dotnetnukedotnetnuke
4.4.1
dotnetnukedotnetnuke
4.5.2
dotnetnukedotnetnuke
4.5.4
dotnetnukedotnetnuke
4.5.5
dotnetnukedotnetnuke
4.6.0
dotnetnukedotnetnuke
4.6.1
dotnetnukedotnetnuke
4.6.2
dotnetnukedotnetnuke
4.7.0
dotnetnukedotnetnuke
4.8.0
dotnetnukedotnetnuke
4.8.1
dotnetnukedotnetnuke
4.8.2
dotnetnukedotnetnuke
4.8.3
dotnetnukedotnetnuke
4.8.4
𝑥
= Vulnerable software versions
References
http://osvdb.org/48343
http://secunia.com/advisories/31893
http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx
http://www.securityfocus.com/bid/31145
https://exchange.xforce.ibmcloud.com/vulnerabilities/45081
http://osvdb.org/48343
http://secunia.com/advisories/31893
http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx
http://www.securityfocus.com/bid/31145
https://exchange.xforce.ibmcloud.com/vulnerabilities/45081