CVE-2004-0703

high

Description

Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16672

http://www.securityfocus.com/bid/10698

http://marc.info/?l=bugtraq&m=108965446813639&w=2

Details

Source: Mitre, NVD

Published: 2004-07-27

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H