How severe is CVE-2017-2864?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2017-2864?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2017-2864

HIGH Year: 2017

CVSS v3 Score

8.1

High

CVSS v2 Score

7.5

High

Weakness Type

CWE-287

View all →

Vulnerability Description

An exploitable vulnerability exists in the generation of authentication token functionality of Circle with Disney. Specially crafted network packets can cause a valid authentication token to be returned to the attacker resulting in authentication bypass. An attacker can send a series of packets to trigger this vulnerability.

CVE-2014-0927

HIGH

CVSS:8.1(High)

The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port ...

CWE-2872014

CVE-2014-3999

HIGH

CVSS:8.1(High)

The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

CWE-2872014

CVE-2015-0102

HIGH

CVSS:8.1(High)

IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wit...

CWE-2872015

CVE-2015-3206

HIGH

CVSS:8.1(High)

The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other un...

CWE-2872015