Описание
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zope:zope:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.4b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1b1:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00743
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
больше 23 лет назад
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
github
больше 3 лет назад
Zope does not properly verify the access for objects with proxy roles
EPSS
Процентиль: 72%
0.00743
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other