CVE-2017-15199

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.

Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 4.3 MEDIUM | NETWORK | LOW | LOW | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
mitre | CNA | --- | ---
CVE | ADP | --- | ---

EPSS Score Percentile: 64%

Vendor | Product | Version
kanboard | kanboard | 1.0.0
kanboard | kanboard | 1.0.1
kanboard | kanboard | 1.0.2
kanboard | kanboard | 1.0.3
kanboard | kanboard | 1.0.4
kanboard | kanboard | 1.0.5
kanboard | kanboard | 1.0.6
kanboard | kanboard | 1.0.7
kanboard | kanboard | 1.0.8
kanboard | kanboard | 1.0.9
kanboard | kanboard | 1.0.10
kanboard | kanboard | 1.0.11
kanboard | kanboard | 1.0.12
kanboard | kanboard | 1.0.13
kanboard | kanboard | 1.0.14
kanboard | kanboard | 1.0.15
kanboard | kanboard | 1.0.16
kanboard | kanboard | 1.0.17
kanboard | kanboard | 1.0.18
kanboard | kanboard | 1.0.19
kanboard | kanboard | 1.0.20
kanboard | kanboard | 1.0.21
kanboard | kanboard | 1.0.22
kanboard | kanboard | 1.0.23
kanboard | kanboard | 1.0.24
kanboard | kanboard | 1.0.25
kanboard | kanboard | 1.0.26
kanboard | kanboard | 1.0.27
kanboard | kanboard | 1.0.28
kanboard | kanboard | 1.0.29
kanboard | kanboard | 1.0.30
kanboard | kanboard | 1.0.31
kanboard | kanboard | 1.0.31:beta0
kanboard | kanboard | 1.0.31:beta1
kanboard | kanboard | 1.0.32
kanboard | kanboard | 1.0.32:beta0
kanboard | kanboard | 1.0.32:beta1
kanboard | kanboard | 1.0.33
kanboard | kanboard | 1.0.34
kanboard | kanboard | 1.0.35
kanboard | kanboard | 1.0.36
kanboard | kanboard | 1.0.37
kanboard | kanboard | 1.0.38
kanboard | kanboard | 1.0.39
kanboard | kanboard | 1.0.40
kanboard | kanboard | 1.0.41
kanboard | kanboard | 1.0.42
kanboard | kanboard | 1.0.43
kanboard | kanboard | 1.0.44
kanboard | kanboard | 1.0.45
kanboard | kanboard | 1.0.46

𝑥 = Vulnerable software versions
Debian Releases
Debian Product | Codename | Version | Status
kanboard | bookworm | 1.2.26+ds-2+deb12u2 | fixed
kanboard | bookworm (security) | 1.2.26+ds-2+deb12u2 | fixed
kanboard | sid | 1.2.31+ds2-1 | fixed