Lucene search

[email protected]CVE-2012-1565

HistoryOct 06, 2012 - 9:55 p.m.

CVE-2012-1565

2012-10-0621:55:04

[email protected]

web.nvd.nist.gov

vulnerability

ez publish

4.x

insecure direct object reference

cve-2012-1565

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.1%

JSON

Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference.

Affected configurations

NVD

Node

ezez_publishMatch4.1.4

ezez_publishMatch4.2.0

ezez_publishMatch4.3.0

ezez_publishMatch4.4.0

ezez_publishMatch4.5.0

ezez_publishMatch4.6.0

CPENameOperatorVersion
ez:ez_publishez ez publisheq4.1.4
ez:ez_publishez ez publisheq4.2.0
ez:ez_publishez ez publisheq4.3.0
ez:ez_publishez ez publisheq4.4.0
ez:ez_publishez ez publisheq4.5.0
ez:ez_publishez ez publisheq4.6.0

CPE	Name	Operator	Version
ez:ez_publish	ez ez publish	eq	4.1.4
ez:ez_publish	ez ez publish	eq	4.2.0
ez:ez_publish	ez ez publish	eq	4.3.0
ez:ez_publish	ez ez publish	eq	4.4.0
ez:ez_publish	ez ez publish	eq	4.5.0
ez:ez_publish	ez ez publish	eq	4.6.0

References

issues.ez.no/19238

osvdb.org/80098

secunia.com/advisories/48338

www.openwall.com/lists/oss-security/2012/03/19/13

www.openwall.com/lists/oss-security/2012/03/19/6

www.securityfocus.com/bid/52516

exchange.xforce.ibmcloud.com/vulnerabilities/74060

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.1%

JSON

Related for CVE-2012-1565

nvd1 cvelist1 prion1