Dotcms Vulnerabilità

Sequenza temporale

L'anno scorso

Versione

3.010
3.110
3.210
3.310
3.7.09

Contromisure

Official Fix30
Temporary Fix0
Workaround0
Unavailable0
Not Defined25

Sfruttabilità

High0
Functional1
Proof-of-Concept2
Unproven0
Not Defined52

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent1
Network54

Autenticazione

Not Defined0
High9
Low26
None20

Interazione dell'utente

Not Defined0
Required20
None35

C3BM Index

L'anno scorso

CVSSv3 Base

≤10
≤20
≤31
≤45
≤511
≤612
≤711
≤84
≤910
≤101

CVSSv3 Temp

≤10
≤20
≤31
≤45
≤512
≤613
≤711
≤82
≤910
≤101

VulDB

≤10
≤20
≤33
≤48
≤517
≤62
≤78
≤810
≤96
≤101

NVD

≤10
≤20
≤31
≤40
≤55
≤64
≤710
≤87
≤99
≤105

CNA

≤10
≤20
≤30
≤40
≤52
≤61
≤70
≤80
≤90
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k16
<2k22
<5k17
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k55
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

L'anno scorso

🔴 CTI Attività

Affected Versions (96): 1.0, 1.2, 1.5, 1.5.1, 1.5.1.1, 1.6, 1.6.0.1, 1.6.0.2, 1.6.0.3, 1.6.0.4, 1.6.0.9, 1.9, 1.9.2.1, 1.9.5.1, 2.0, 2.0.1, 2.1, 2.1.1, 2.2, 2.2.1, 2.3, 2.3.1, 3.0, 3.1, 3.2, 3.3, 3.3.1, 3.4, 3.5, 3.6, 3.6.1, 3.7, 3.7.1, 4.0, 4.1, 4.1.1, 5, 5.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.3.8, 5.3.8.1, 5.3.8.2, 5.3.8.3, 5.3.8.4, 5.3.8.5, 5.3.8.6, 5.3.8.7, 5.3.8.8, 5.3.8.9, 5.3.8.11, 5.3.8.12, 5.3.8.13, 5.3.8.14, 5.3.8.15, 20.0, 20.1, 20.2, 20.3, 20.4, 20.5, 20.6, 20.7, 20.8, 20.9, 20.10, 20.11, 21.05.1, 22.02, 22.03, 22.03.1, 22.03.2, 22.03.3, 22.03.4, 22.03.5, 22.03.6, 22.06, 22.1, 22.10.1, 22.10.2, 23.01, 23.01.1, 23.01.2, 23.01.3, 23.05

Tipo di software: Content Management System

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
02/04/20243.43.4dotCMS Maintenance Portlet escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2024-3164
02/04/20243.43.4dotCMS Dashboard rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2024-3165
18/10/20236.26.1dotCMS Normalization escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-3042
02/02/20236.36.3dotCMS API directory traversal$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-45783
02/02/20235.45.4dotCMS TempFileAPI escalazione di privilegi$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-37033
02/02/20234.84.8dotCMS TempResource denial of service$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-37034
02/02/20236.76.7dotCMS Token Generation escalazione di privilegi$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-45782
11/11/20224.34.1dotCMS rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-35740
05/08/20223.53.4dotCMS Admin Portal cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-37431
18/07/20228.58.4dotCMS ContentResource API directory traversal$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2022-26352

45 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 45 results.

PrecedenteVisione D'insiemeIl prossimo

Might our Artificial Intelligence support you?

Check our Alexa App!