ReviveAdserver Permissions Privileges and Access Controls Vulnerability - CVE-2015-7371 - Vulnerability Database

ReviveAdserver Permissions Privileges and Access Controls Vulnerability - CVE-2015-7371

Medium

Reference: CVE-2015-7371

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-7371

Title: ReviveAdserver Permissions Privileges and Access Controls Vulnerability

Overview:

Revive Adserver before 3.2.2 does not restrict access to run-mpe.php which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service (resource consumption) via a direct request.