Parameter Manipulation Vulnerability in Apache OpenMeetings by Apache
CVE-2017-7682

8.2HIGH

Key Information:

Vendor: Apache
Status: Apache Openmeetings
Vendor: CVE Published:; 17 July 2017

Summary

Apache OpenMeetings version 3.2.0 is susceptible to parameter manipulation attacks, which could allow attackers to gain unauthorized access to restricted areas of the application. This security flaw arises from improper handling of inputs, making it feasible for malicious actors to exploit the vulnerability and navigate to sensitive sections without adequate authentication.

Affected Version(s)

Apache OpenMeetings 3.2.0

References

http://markmail.org/message/dbrbvf5k343ulivf

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2017
Vulnerability Reserved
Apr 11, 2017