Medium severity6.5NVD Advisory· Published Mar 29, 2018· Updated Jun 17, 2026
CVE-2014-5028
CVE-2014-5028
Description
The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=1.7,<1.7.27 || >=2.0,<2.0.4+ 1 more
- (no CPE)range: >=1.7,<1.7.27 || >=2.0,<2.0.4
- (no CPE)range: <1.7.27, <2.0.4
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2014/07/22/12nvdMailing ListThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/94813nvdThird Party AdvisoryVDB Entry
- www.reviewboard.org/docs/releasenotes/reviewboard/1.7.27nvdVendor Advisory
- www.reviewboard.org/docs/releasenotes/reviewboard/2.0.4nvdVendor Advisory
- www.reviewboard.org/news/2014/07/22/review-board-1-7-27-and-2-0-3-security-releasesnvdVendor Advisory
News mentions
0No linked articles in our index yet.