ID CVE-2008-5846Type cveReporter NVDModified 2017-08-07T21:33:34
Description
Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a "system-wide entry listing screen."
{"id": "CVE-2008-5846", "bulletinFamily": "NVD", "title": "CVE-2008-5846", "description": "Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a \"system-wide entry listing screen.\"", "published": "2009-01-05T15:30:02", "modified": "2017-08-07T21:33:34", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5846", "reporter": "NVD", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/47759", "http://www.movabletype.org/mt_423_change_log.html", "http://www.securityfocus.com/bid/33133"], "cvelist": ["CVE-2008-5846"], "type": "cve", "lastseen": "2017-08-08T11:25:05", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:sixapart:movable_type:4.21", "cpe:/a:sixapart:movable_type:3.16", "cpe:/a:sixapart:movable_type:3.11", "cpe:/a:sixapart:movable_type:3.2", "cpe:/a:sixapart:movable_type:3.17", "cpe:/a:sixapart:movable_type:3.33", "cpe:/a:sixapart:movable_type:3.0d", "cpe:/a:sixapart:movable_type:3.35", "cpe:/a:sixapart:movable_type:3.01d", "cpe:/a:sixapart:movable_type:4.2", "cpe:/a:sixapart:movable_type:3.15", "cpe:/a:sixapart:movable_type:3.34", "cpe:/a:sixapart:movable_type:3.32", "cpe:/a:sixapart:movable_type:3.14", "cpe:/a:sixapart:movable_type:3.1", "cpe:/a:sixapart:movable_type:3.12", "cpe:/a:sixapart:movable_type:3.3"], "cvelist": ["CVE-2008-5846"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a \"system-wide entry listing screen.\"", "edition": 1, "enchantments": {}, "hash": "38c49d6050d5c4d5b3315d4c09e9b21c7c0d6c633cd4753e985cbfe5d2d054fa", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "ec37b3beafe49454adfdd6a54e7f2326", "key": "href"}, {"hash": "f74cca08c49dc82159c02030808e37ab", "key": "published"}, {"hash": "a17f7b23f03b24faf3bbdff6410648aa", "key": "description"}, {"hash": "50d587ef223de0e979d26abfe9b77a44", "key": "modified"}, {"hash": "a179b7557f1f74417f9c8bf5eb701f53", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "5dc5f549dac2c2110e7d30a50e94869a", "key": "cvss"}, {"hash": "df19531109bebc6d6b8d7bc6e6adbec1", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "9e192d42382338c948641365b87da8ba", "key": "cpe"}, {"hash": "6ea486aab277a697e1c723a61c79bdf7", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5846", "id": "CVE-2008-5846", "lastseen": "2016-09-03T11:31:38", "modified": "2012-10-30T23:08:46", "objectVersion": "1.2", "published": "2009-01-05T15:30:02", "references": ["http://www.movabletype.org/mt_423_change_log.html", "http://www.securityfocus.com/bid/33133", "http://xforce.iss.net/xforce/xfdb/47759"], "reporter": "NVD", "scanner": [], "title": "CVE-2008-5846", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T11:31:38"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "9e192d42382338c948641365b87da8ba"}, {"key": "cvelist", "hash": "6ea486aab277a697e1c723a61c79bdf7"}, {"key": "cvss", "hash": "5dc5f549dac2c2110e7d30a50e94869a"}, {"key": "description", "hash": "a17f7b23f03b24faf3bbdff6410648aa"}, {"key": "href", "hash": "ec37b3beafe49454adfdd6a54e7f2326"}, {"key": "modified", "hash": "5a578f4810f67ebd581c01181dd84cac"}, {"key": "published", "hash": "f74cca08c49dc82159c02030808e37ab"}, {"key": "references", "hash": "9e66fe636a304c458099ce1ddc8282ae"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "df19531109bebc6d6b8d7bc6e6adbec1"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "c13645c41e594732785cfe698e9650f9582e96ed8371c7a3443897d3521352ef", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2017-08-08T11:25:05"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:sixapart:movable_type:4.21", "cpe:/a:sixapart:movable_type:3.16", "cpe:/a:sixapart:movable_type:3.11", "cpe:/a:sixapart:movable_type:3.2", "cpe:/a:sixapart:movable_type:3.17", "cpe:/a:sixapart:movable_type:3.33", "cpe:/a:sixapart:movable_type:3.0d", "cpe:/a:sixapart:movable_type:3.35", "cpe:/a:sixapart:movable_type:3.01d", "cpe:/a:sixapart:movable_type:4.2", "cpe:/a:sixapart:movable_type:3.15", "cpe:/a:sixapart:movable_type:3.34", "cpe:/a:sixapart:movable_type:3.32", "cpe:/a:sixapart:movable_type:3.14", "cpe:/a:sixapart:movable_type:3.1", "cpe:/a:sixapart:movable_type:3.12", "cpe:/a:sixapart:movable_type:3.3"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{}
