Vulnerabilities > CVE-2005-4689 - Remote Security vulnerability in Six Apart Movable Type

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
six-apart

Summary

Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.

Vulnerable Configurations

Part Description Count
Application
Six_Apart
1