CVE-2016-6603

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName…

mitre·CWE-20·Published 2017-01-23

CVSS

—

EPSS

0.87

KEV

Exploits

cve.orgen

148 chars

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.

NVDen

148 chars

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.

NVDes

159 chars

ZOHO WebNMS Framework 5.2 y 5.2 SP1 permite a atacantes remotos eludir la autenticación y suplantar usuarios arbitrarios a través del encabezado HTTP UserName.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H