Vulnerabilities > CVE-2007-2849 - Unspecified vulnerability in Knowledgetree Document Management Knowledgetree Document Management 3.3.3

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

knowledgetree-document-management

NVD

Published: 2007-05-24

Updated: 2024-11-21

Summary

KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.

Vulnerable Configurations

Part	Description	Count
Application	Knowledgetree_Document_Management Knowledgetree Document Management Knowledgetree Document Management 3.3.3	1

References

http://osvdb.org/36578
http://osvdb.org/36578
http://secunia.com/advisories/25360
http://secunia.com/advisories/25360
http://sourceforge.net/forum/forum.php?forum_id=698243
http://sourceforge.net/forum/forum.php?forum_id=698243
http://sourceforge.net/project/shownotes.php?release_id=510338
http://sourceforge.net/project/shownotes.php?release_id=510338
http://www.securityfocus.com/bid/24110
http://www.securityfocus.com/bid/24110
http://www.vupen.com/english/advisories/2007/1920
http://www.vupen.com/english/advisories/2007/1920
https://exchange.xforce.ibmcloud.com/vulnerabilities/34463
https://exchange.xforce.ibmcloud.com/vulnerabilities/34463