Igniterealtime Openfire 漏洞

时间轴

版本

3.6.26
2.6.06
2.6.16
2.6.26
3.0.06

修正

Official Fix8
Temporary Fix0
Workaround0
Unavailable0
Not Defined0

易受攻击性

High0
Functional0
Proof-of-Concept4
Unproven0
Not Defined4

访问向量

Not Defined0
Physical0
Local0
Adjacent0
Network8

身份验证

Not Defined0
High0
Low4
None4

用户交互

Not Defined0
Required2
None6

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤54
≤64
≤70
≤80
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤42
≤54
≤62
≤70
≤80
≤90
≤100

VulDB

≤10
≤20
≤30
≤40
≤54
≤64
≤70
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k0
<2k4
<5k4
<10k0
<25k0
<50k0
<100k0
≥100k0

本日攻击

<1k8
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

攻击市场容量

🔴 CTI 活动

Affected Versions (30): 2.6, 2.6.1, 2.6.2, 3, 3.0.1, 3.1, 3.1.1, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.3, 3.3.2, 3.3.3, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.5, 3.5.1, 3.5.2, 3.6, 3.6.0a, 3.6.1, 3.6.2, 3.6.3, 3.6.4

已发布BaseTemp漏洞0day今天修正CTICVE
2009-05-014.34.2Igniterealtime Openfire Console 未知漏洞$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2009-1596
2009-05-014.34.0Igniterealtime Openfire IQAuthHandler.java 弱身份验证$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2009-1595
2009-03-235.44.9Igniterealtime Openfire login.jsp 权限升级$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2008-6511
2009-03-234.33.9Igniterealtime Openfire login.jsp 跨网站脚本$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2008-6510
2009-03-237.36.6Igniterealtime Openfire sipark-log-summary.jsp SQL注入$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2008-6509
2009-03-237.37.0Igniterealtime Openfire 目录遍历$0-$5k$0-$5kHighOfficial Fix0.05CVE-2008-6508
2009-02-095.35.1Igniterealtime Openfire log.jsp 目录遍历$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2009-0497

更多条目由 Igniterealtime

上一步一览下一步

Want to stay up to date on a daily basis?

Enable the mail alert feature now!