Summaryinfo

A vulnerability was found in Research Artisan Lite up to 1.17. It has been declared as critical. This affects an unknown function. Executing a manipulation can lead to improper authentication. This vulnerability is registered as CVE-2015-2975. No exploit is available. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability has been found in Research Artisan Lite up to 1.17 and classified as critical. This vulnerability affects some unknown processing. The manipulation with an unknown input leads to a improper authentication vulnerability. The CWE definition for the vulnerability is CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

Research Artisan Lite before 1.18 does not ensure that a user has authenticated, which allows remote attackers to perform unspecified actions via unknown vectors.

The weakness was published 07/26/2015 (Website). The advisory is available at lite.research-artisan.net. This vulnerability was named CVE-2015-2975 since 04/07/2015. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. The technical details are unknown and an exploit is not available.

Upgrading to version 1.18 eliminates this vulnerability.

Similar entry is available at VDB-76811. Once again VulDB remains the best source for vulnerability data.

Productinfo

Name

• Research Artisan Lite

Version

• 1.0
• 1.1
• 1.2
• 1.3
• 1.4
• 1.5
• 1.6
• 1.7
• 1.8
• 1.9
• 1.10
• 1.11
• 1.12
• 1.13
• 1.14
• 1.15
• 1.16
• 1.17

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion