CVE-2009-2171

Опубликовано: 23 июн. 2009

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.

Ссылки

http://mahara.org/interaction/forum/topic.php?id=753
Vendor Advisory
http://mahara.org/interaction/forum/topic.php?id=753
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mahara:mahara:1.1:*:*:*:*:*:*:*

cpe:2.3:a:mahara:mahara:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:mahara:mahara:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:mahara:mahara:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:mahara:mahara:1.1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00176

Низкий

4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2009-2171

ubuntu

больше 16 лет назад

Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.

CVE-2009-2171

debian

больше 16 лет назад

Mahara 1.1 before 1.1.5 does not apply permission checks when saving a ...

GHSA-7prf-5qjr-qmp5

github

почти 4 года назад

Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.

EPSS

Процентиль: 39%

0.00176

Низкий

4 Medium

CVSS2

Дефекты

CWE-264