CVE-2007-4240 - OpenCVE

The check_logout function in class/auth.php in Help Center Live (hcl) 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to (1) admin/departments.php, (2) admin/operators.php, and other unspecified scripts. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Help Center Live	Help Center Live

Configuration 1 [-]

cpe:2.3:a:help_center_live:help_center_live:2.1.3a:*:*:*:*:*:*:*

References

Link	Resource
http://osvdb.org/39400
http://secunia.com/advisories/26352	Vendor Advisory
http://www.securityfocus.com/bid/25225
https://exchange.xforce.ibmcloud.com/vulnerabilities/35833

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-08T22:00:00

Updated: 2017-07-28T12:57:01

Reserved: 2007-08-08T00:00:00

Link: CVE-2007-4240

JSON object: View

NVD Information

Status : Modified

Published: 2007-08-08T22:17:00.000

Modified: 2017-07-29T01:32:48.097

Link: CVE-2007-4240

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-07T00:00:00", "descriptions": [{"lang": "en", "value": "The check_logout function in class/auth.php in Help Center Live (hcl) 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to (1) admin/departments.php, (2) admin/operators.php, and other unspecified scripts. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "helpcenterlive-http-security-bypass(35833)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35833"}, {"name": "39400", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/39400"}, {"name": "25225", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25225"}, {"name": "26352", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26352"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4240", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The check_logout function in class/auth.php in Help Center Live (hcl) 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to (1) admin/departments.php, (2) admin/operators.php, and other unspecified scripts. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "helpcenterlive-http-security-bypass(35833)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35833"}, {"name": "39400", "refsource": "OSVDB", "url": "http://osvdb.org/39400"}, {"name": "25225", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25225"}, {"name": "26352", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26352"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4240", "datePublished": "2007-08-08T22:00:00", "dateReserved": "2007-08-08T00:00:00", "dateUpdated": "2017-07-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:help_center_live:help_center_live:2.1.3a:*:*:*:*:*:*:*", "matchCriteriaId": "F6CFB050-31E1-4014-A46A-C03919098745", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The check_logout function in class/auth.php in Help Center Live (hcl) 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to (1) admin/departments.php, (2) admin/operators.php, and other unspecified scripts. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "La funci\u00f3n check_logout del class/auth.php en el Help Center Live (hcl) 2.1.3a env\u00eda una redirecci\u00f3n al navegador web pero no sale cuando las credenciales administrativas se pierden, lo que permite a atacantes remotos borrar usuarios administrativos y tener otros impactos sin especificar a trav\u00e9s de ciertas peticiones a 1) admin/departments.php, (2) admin/operators.php y otros scripts sin especificar. NOTA: algunos de estos detalles se obtienen a partir de la informaci\u00f3n de terceros."}], "id": "CVE-2007-4240", "lastModified": "2017-07-29T01:32:48.097", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-08T22:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/39400"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26352"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25225"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35833"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}