Описание
FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.3 (включая)
Одно из
cpe:2.3:a:bestpractical:rtfm:*:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rtfm:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rtfm:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rtfm:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rtfm:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rtfm:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rtfm:2.4.2:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00306
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
около 13 лет назад
FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.
debian
около 13 лет назад
FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly ...
github
больше 3 лет назад
FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.
EPSS
Процентиль: 53%
0.00306
Низкий
4 Medium
CVSS2
Дефекты
CWE-264