exploitDog

CVE-2018-14836

Опубликовано: 02 авг. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel.

Ссылки

https://github.com/intelliants/subrion/issues/762
Third Party Advisory
https://github.com/intelliants/subrion/issues/762
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:subrion:subrion_cms:4.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00207

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-6xpx-3cj9-qcrv

CVSS3: 6.5

github

больше 3 лет назад

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel.

EPSS

Процентиль: 43%

0.00207

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-269