CVE-2004-0706

medium

Description

Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16669

http://www.securityfocus.com/bid/10698

http://marc.info/?l=bugtraq&m=108965446813639&w=2

http://bugzilla.mozilla.org/show_bug.cgi?id=235510

Details

Source: Mitre, NVD

Published: 2004-07-27

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium