Lucene search
China National Vulnerability DatabaseCNVD-2022-06532HistoryDec 02, 2020 - 12:00 a.m.
Umbraco Improper Access Control Vulnerability
2020-12-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
22.9%
Umbraco is an open source content management system (CMS) based on ASP.NET technology. An improper access control vulnerability exists in Editors/LogViewerController.cs in Umbraco 8.9.1 and earlier versions. Users without the Applications.Settings access privilege can exploit the vulnerability to access the Logviewer endpoint. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| umbraco umbraco | le | 8.9.1 |
Related
osv
osv
Incorrect permission enforcement in UmbracoCms
2021-04-13 15:48:05
CVE-2020-29454
2020-12-02 02:15:11
cve
cve
CVE-2020-29454
2020-12-02 02:15:11
cvelist
cvelist
CVE-2020-29454
2020-12-02 01:50:03
prion
prion
Use after free
2020-12-02 02:15:00
github
github
Incorrect permission enforcement in UmbracoCms
2021-04-13 15:48:05
veracode
veracode
Privilege Escalation
2020-12-03 05:01:25
nvd
nvd
CVE-2020-29454
2020-12-02 02:15:11