CVE-2011-4214

OneOrZero AIMS 2.7.0 - Auth Bypass

Title source: llm

Description

OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie.

References (3)

[Various Sources] http://en.securitylab.ru/lab/PT-2011-20

[US Government Resource] http://www.kb.cert.org/vuls/id/800227

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/50107

Scores

EPSS 0.0343

EPSS Percentile 87.3%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

oneorzero/aims

Timeline

Published Nov 01, 2011

Tracked Since Feb 18, 2026