Lucene search

[email protected]CVE-2011-3587

HistoryOct 10, 2011 - 10:55 a.m.

CVE-2011-3587

2011-10-1010:55:06

[email protected]

web.nvd.nist.gov

cve-2011-3587

zope

plone

remote execution

python modules

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Affected configurations

NVD

Node

ploneploneMatch4.0

ploneploneMatch4.0.1

ploneploneMatch4.0.2

ploneploneMatch4.0.3

ploneploneMatch4.0.4

ploneploneMatch4.0.5

ploneploneMatch4.0.6.1

ploneploneMatch4.0.7

ploneploneMatch4.0.8

ploneploneMatch4.0.9

ploneploneMatch4.1

ploneploneMatch4.2

ploneploneMatch4.2a1

ploneploneMatch4.2a2

zopezopeMatch2.12.0

zopezopeMatch2.12.0a1

zopezopeMatch2.12.0a2

zopezopeMatch2.12.0a3

zopezopeMatch2.12.0a4

zopezopeMatch2.12.0b1

zopezopeMatch2.12.0b2

zopezopeMatch2.12.0b3

zopezopeMatch2.12.0b4

zopezopeMatch2.12.1

zopezopeMatch2.12.2

zopezopeMatch2.12.3

zopezopeMatch2.12.4

zopezopeMatch2.12.5

zopezopeMatch2.12.6

zopezopeMatch2.12.7

zopezopeMatch2.12.8

zopezopeMatch2.12.9

zopezopeMatch2.12.10

zopezopeMatch2.12.11

zopezopeMatch2.12.12

zopezopeMatch2.12.13

zopezopeMatch2.12.14

zopezopeMatch2.12.15

zopezopeMatch2.12.16

zopezopeMatch2.12.17

zopezopeMatch2.12.18

zopezopeMatch2.12.19

zopezopeMatch2.12.20

zopezopeMatch2.13.0

zopezopeMatch2.13.0a1

zopezopeMatch2.13.0a2

zopezopeMatch2.13.0a3

zopezopeMatch2.13.0a4

zopezopeMatch2.13.0b1

zopezopeMatch2.13.0c1

zopezopeMatch2.13.1

zopezopeMatch2.13.2

zopezopeMatch2.13.3

zopezopeMatch2.13.4

zopezopeMatch2.13.5

zopezopeMatch2.13.6

zopezopeMatch2.13.7

zopezopeMatch2.13.8

zopezopeMatch2.13.9

zopezopeMatch2.13.10

CPENameOperatorVersion
plone:ploneploneeq4.0
plone:ploneploneeq4.0.1
plone:ploneploneeq4.0.2
plone:ploneploneeq4.0.3
plone:ploneploneeq4.0.4
plone:ploneploneeq4.0.5
plone:ploneploneeq4.0.6.1
plone:ploneploneeq4.0.7
plone:ploneploneeq4.0.8
plone:ploneploneeq4.0.9

CPE	Name	Operator	Version
plone:plone	plone	eq	4.0
plone:plone	plone	eq	4.0.1
plone:plone	plone	eq	4.0.2
plone:plone	plone	eq	4.0.3
plone:plone	plone	eq	4.0.4
plone:plone	plone	eq	4.0.5
plone:plone	plone	eq	4.0.6.1
plone:plone	plone	eq	4.0.7
plone:plone	plone	eq	4.0.8
plone:plone	plone	eq	4.0.9