Lucene search

[email protected]CVE-2010-4215

HistoryNov 17, 2010 - 1:00 a.m.

CVE-2010-4215

2010-11-1701:00:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2010-4215

foswiki

security vulnerability

remote authentication

privilege escalation

6.8 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.5%

JSON

UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated users to gain privileges by modifying the GROUP and ALLOWTOPICCHANGE preferences in the topic preferences for Main.AdminGroup.

CPENameOperatorVersion
foswiki:foswikifoswikieq1.1.1
foswiki:foswikifoswikieq1.1.0

CPE	Name	Operator	Version
foswiki:foswiki	foswiki	eq	1.1.1
foswiki:foswiki	foswiki	eq	1.1.0

References

foswiki.org/Support/SecurityAlertCVE20104215

secunia.com/advisories/42275

sourceforge.net/mailarchive/message.php?msg_name=4CD9F6F5.4030204%40lavrsen.dk

www.securityfocus.com/bid/44858

exchange.xforce.ibmcloud.com/vulnerabilities/63253

6.8 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.5%

JSON

Related for CVE-2010-4215

openvas2 prion1 cvelist1