EFileCabinet FileCabinetNumber Authentication Bypass Vulnerability

Bugtraq ID:	23944
Class:	Access Validation Error
CVE:	CVE-2007-2638
Remote:	Yes
Local:	No
Published:	May 11 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	Digital Defense, Inc. is credited with discovering this vulnerability.
Vulnerable:	eFileCabinet eFileCabinet 3.3
Not Vulnerable:

EFileCabinet FileCabinetNumber Authentication Bypass Vulnerability

eFileCabinet is prone to an authentication-bypass vulnerability.

A successful exploit would allow an attacker to create eFileCabinet drawers or potentially gain access to sensitive information.

This issue affects eFileCabinet 3.3; other versions may also be affected.

EFileCabinet FileCabinetNumber Authentication Bypass Vulnerability

Attackers can use a browser to exploit this issue.

EFileCabinet FileCabinetNumber Authentication Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

EFileCabinet FileCabinetNumber Authentication Bypass Vulnerability

References:

• eFileCabinet Homepage (eFileCabinet)
  
• eFileCabinet Authentication Bypass ([email protected])