Описание
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zope:zope:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.4b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1b1:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00743
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
почти 24 года назад
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
github
почти 4 года назад
Zope does not properly verify the access for objects with proxy roles
EPSS
Процентиль: 73%
0.00743
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other