CVE-2013-7061

Опубликовано: 02 мая 2014

Источник: nvd

CVSS2: 5.5

EPSS Низкий

Описание

Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1.4:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1.5:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.1.6:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.4:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.5:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.6:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.2.7:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.3:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:plone:plone:4.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00259

Низкий

5.5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2013-7061

redhat

около 12 лет назад

Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.

GHSA-4vr8-r7qr-fpvq

CVSS3: 4.9

github

больше 3 лет назад

Plone Privilege escalation through exposed underlying API