Episerver Ektron Cms Schwachstellen

Zeitverlauf

Version

9.04
9.14
9.24
9.34
9.44

Massnahmen

Official Fix10
Temporary Fix0
Workaround0
Unavailable0
Not Defined0

Ausnutzbarkeit

High0
Functional0
Proof-of-Concept2
Unproven0
Not Defined8

Zugriffsart

Not Defined0
Physical0
Local0
Adjacent0
Network10

Authentisierung

Not Defined0
High0
Low4
None6

Benutzeraktivität

Not Defined0
Required6
None4

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤44
≤52
≤60
≤70
≤82
≤92
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤44
≤52
≤60
≤72
≤80
≤92
≤100

VulDB

≤10
≤20
≤30
≤44
≤52
≤60
≤70
≤84
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Hersteller

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k6
<2k0
<5k4
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploit heute

<1k10
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Versions (16): 8.02 SP4, 9.0, 9.0 SP3 Site CU30, 9.1, 9.1 SP3 Site CU 44, 9.1.0.184 SP2, 9.2, 9.2 SP2 Site CU 21, 9.3, 9.4, 9.5, 9.6, 9.7, 9.8, 9.9, 9.10

Softwaretyp: Content Management System

VeröffentlichtBaseTempSchwachstelle0dayHeuteAusMasCTICVE
10.10.20188.57.7EPiServer Ektron CMS activateuser.aspx erweiterte Rechte$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2018-12596
30.10.20178.58.2EPiServer Ektron CMS XSLTCompiledTransform Remote Code Execution$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2012-5358
30.10.20178.58.2EPiServer Ektron CMS XSL Data ekajaxtransform.aspx XslCompiledTransform Remote Code Execution$0-$5k$0-$5kHighOfficial Fix0.00CVE-2012-5357
25.07.20175.24.9EPiServer Ektron CMS SelectUserGroup.aspx Cross Site Scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2016-6133
03.07.20175.24.9EPiServer Ektron CMS content.aspx Cross Site Scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2016-6201
09.06.20153.53.4EPiServer Ektron CMS workarea.aspx Cross Site Scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2015-4427
09.06.20154.34.1EPiServer Ektron CMS MenuActions.aspx Cross Site Request Forgery$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.04CVE-2015-3624
13.02.20157.37.0EPiServer Ektron CMS erweiterte Rechte$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2015-0931
13.02.20155.35.1EPiServer Ektron CMS XML External Entity$0-$5k$0-$5kHighOfficial Fix0.00CVE-2015-0923
25.04.20143.53.4EPiServer Ektron CMS content.aspx Cross Site Scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2014-2729

weitere Einträge von Episerver

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!