What is CVE-2016-9129?

CVE-2016-9129 is a medium-severity vulnerability in Revive-adserver Revive_adserver, classified under Observable Discrepancy. CVSS score: 5.3/10. Published 2017-03-28.

How severe is CVE-2016-9129?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Information disclosure in Revive-adserver Revive_adserver

CVE-2016-9129

Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the m…

EPSS: 0.002 (45.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Revive-adserver Revive_adserver
N/a Revive Adserver All Versions Before 3.2.3 — versions Revive Adserver All versions before 3.2.3

Weakness classification (CWE)

References

support@hackerone.com (Permissions Required, x_refsource_MISC)
support@hackerone.com (Patch, Third Party Advisory, x_refsource_MISC, Issue Tracking)
support@hackerone.com (Patch, x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2016-9129?: CVE-2016-9129 is a medium-severity vulnerability in Revive-adserver Revive_adserver, classified under Observable Discrepancy. CVSS score: 5.3/10. Published 2017-03-28.
How severe is CVE-2016-9129?: Medium severity. CVSS v3 base score is 5.3 out of 10.