CVE-2011-2674

Sažetak

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.

Reference

http://basercms.net/patch/JVN09789751
http://jvn.jp/en/jp/JVN16617002/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000066

CVSS

Base:	4.9
Impact:	4.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

15-07-2021 - 14:23

Objavljeno

02-10-2011 - 02:53