China National Vulnerability DatabaseCNVD-2022-05516Delicious Brains Advanced Custom Fields Access Control Error Vulnerability
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Delicious Brains Advanced Custom Fields is an advanced custom fields plug-in from Delicious Brains Canada.An access control error vulnerability exists in Delicious Brains Advanced Custom Fields, which stems from a lack of authorization associated with database browsing The vulnerability stems from a lack of authorization related to database browsing, which could be exploited by an attacker to browse unauthorized data on the database.
| CPE | Name | Operator | Version |
|---|---|---|---|
| delicious brains advanced custom fields | lt | 5.11 | |
| delicious brains advanced custom fields pro | lt | 5.11 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N