CVE-2014-125060
HIGHcollabcal < 2014-12-09 - Improper Authentication in handleGet Function
Title source: llmDescription
A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability.
References (3)
Core 3
Core References
Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.217614
Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.217614
Patch, Third Party Advisory patch
https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6
Scores
CVSS v3
7.3
EPSS
0.0095
EPSS Percentile
56.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-287
Status
published
Products (1)
collabcal_project/collabcal
< 2014-12-09
Published
Jan 07, 2023
Tracked Since
Feb 18, 2026