CVE Vulnerabilities

CVE-2014-2367

DEPRECATED: Authentication Bypass Issues

Published: Jul 19, 2014 | Modified: Oct 06, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

Weakness

This weakness has been deprecated because it covered redundant concepts already described in CWE-287.

Affected Software

Name Vendor Start Version End Version
Advantech_webaccess Advantech * 7.1 (including)
Advantech_webaccess Advantech 5.0 (including) 5.0 (including)
Advantech_webaccess Advantech 6.0 (including) 6.0 (including)
Advantech_webaccess Advantech 7.0 (including) 7.0 (including)

References