CVE-2012-4404

Опубликовано: 10 сент. 2012

Источник: nvd

CVSS2: 6

EPSS Низкий

Описание

security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moinmo:moinmoin:1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:moinmo:moinmoin:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:moinmo:moinmoin:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:moinmo:moinmoin:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:moinmo:moinmoin:1.9.4:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.0099

Низкий

6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2012-4404

ubuntu

больше 13 лет назад

security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group.

CVE-2012-4404

debian

больше 13 лет назад

security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly h ...

GHSA-g4mx-rm5q-vh24

CVSS3: 5.4

github

больше 3 лет назад

MoinMoin Improper Access Control

EPSS

Процентиль: 76%

0.0099

Низкий

6 Medium

CVSS2

Дефекты

CWE-264