CVE-2012-5489 in Ploneinformation

Résumé

par MITRE

The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Réserver

24/10/2012

Divulgation

30/09/2014

Modérer

accepté

Entrée

VDB-71671

CPE

prêt

CWE

CWE-264 (confirmé)

CVSS

6.3 (VulDB)

EPSS

0.01272

KEV

non

Activités

très faible

Secteur

Hostingprovider, Agriculture, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5489
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5489
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5489/

◂ Précédent Aperçu Suivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!