PT-2006-1232 · 427Bb · 427Bb

Aliaksandr Hartsuyeu · Published 2006-01-10 · Updated 2018-10-19 · CVE-2006-0153

CVSS v2.0: 7.5 (High) · Vector AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

427BB versions 2.2 through 2.2.1

Description

The issue allows remote attackers to bypass authentication by using a valid username and usertype and setting the authenticated cookie. This is possible because the software verifies authentication credentials based on the username, authenticated, and usertype cookies.

Recommendations

For versions 2.2 through 2.2.1, consider temporarily disabling the use of the authenticated cookie for authentication until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. Avoid relying solely on the username, authenticated, and usertype cookies for authentication. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
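
The recommendation not to rely on the username, authenticated, and usertype cookies can be illustrated with an added example (not code from 427BB or from this advisory) that models the flawed check next to a server-verified alternative. The cookie value `"1"`, the `session` cookie name, the sample users and the HMAC scheme are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: a per-deployment secret that never leaves the server.
SERVER_KEY = secrets.token_bytes(32)

def weak_is_authenticated(cookies):
    """Models the flawed pattern: every value consulted is client-controlled."""
    return (cookies.get("authenticated") == "1"
            and bool(cookies.get("username"))
            and bool(cookies.get("usertype")))

def _tag(username, usertype):
    msg = f"{username}|{usertype}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_session(username, usertype):
    """Called only after the password has been checked server-side."""
    if "|" in username or "|" in usertype:
        raise ValueError("separator not allowed in identity fields")
    return {"session": f"{username}|{usertype}|{_tag(username, usertype)}"}

def verified_identity(cookies):
    """Return (username, usertype) if the server's tag verifies, else None."""
    parts = cookies.get("session", "").split("|")
    if len(parts) != 3:
        return None
    username, usertype, tag = parts
    expected = _tag(username, usertype)
    # Constant-time comparison on bytes; a tag made without SERVER_KEY fails.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return username, usertype

# Constructed sample cookies, not captured from a real deployment.
CLIENT_SET = {"username": "alice", "usertype": "admin", "authenticated": "1"}

if __name__ == "__main__":
    print("weak check accepts client-set cookies:", weak_is_authenticated(CLIENT_SET))
    print("verified check on same cookies:", verified_identity(CLIENT_SET))
    issued = issue_session("alice", "member")
    print("verified check on issued session:", verified_identity(issued))
```

A production token would also carry an expiry and be tied to a server-side session record so it can be revoked.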


Related identifiers

CVE-2006-0153

Affected products

427Bb