icon

We found results for “

CVE-2007-0405

Good to know:

Date: January 22, 2007

The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user.

Severity Score

Severity Score

Top Fix

icon

Upgrade Version

CVSS v3.1

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privilegs Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):
Integrity (I):
Availability (A):

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): SINGLE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us