Lucene search

RedhatCVE-2012-3385

HistoryJul 22, 2012 - 5:55 p.m.

CVE-2012-3385

2012-07-2217:55:03

CWE-264

redhat

web.nvd.nist.gov

wordpress

cve-2012-3385

security vulnerability

access restriction

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

56.7%

JSON

WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.

Affected configurations

Nvd

Node

wordpresswordpressRange≤3.4.0

wordpresswordpressMatch0.71

wordpresswordpressMatch1.0

wordpresswordpressMatch1.0.1

wordpresswordpressMatch1.0.2

wordpresswordpressMatch1.1.1

wordpresswordpressMatch1.2

wordpresswordpressMatch1.2.1

wordpresswordpressMatch1.2.2

wordpresswordpressMatch1.2.3

wordpresswordpressMatch1.2.4

wordpresswordpressMatch1.2.5

wordpresswordpressMatch1.2.5a

wordpresswordpressMatch1.3

wordpresswordpressMatch1.3.2

wordpresswordpressMatch1.3.3

wordpresswordpressMatch1.5

wordpresswordpressMatch1.5.1

wordpresswordpressMatch1.5.1.1

wordpresswordpressMatch1.5.1.2

wordpresswordpressMatch1.5.1.3

wordpresswordpressMatch1.5.2

wordpresswordpressMatch2.0

wordpresswordpressMatch2.0.1

wordpresswordpressMatch2.0.2

wordpresswordpressMatch2.0.4

wordpresswordpressMatch2.0.5

wordpresswordpressMatch2.0.6

wordpresswordpressMatch2.0.7

wordpresswordpressMatch2.0.8

wordpresswordpressMatch2.0.9

wordpresswordpressMatch2.0.10

wordpresswordpressMatch2.0.11

wordpresswordpressMatch2.1

wordpresswordpressMatch2.1.1

wordpresswordpressMatch2.1.2

wordpresswordpressMatch2.1.3

wordpresswordpressMatch2.2

wordpresswordpressMatch2.2.1

wordpresswordpressMatch2.2.2

wordpresswordpressMatch2.2.3

wordpresswordpressMatch2.3

wordpresswordpressMatch2.3.1

wordpresswordpressMatch2.3.2

wordpresswordpressMatch2.3.3

wordpresswordpressMatch2.5

wordpresswordpressMatch2.5.1

wordpresswordpressMatch2.6

wordpresswordpressMatch2.6.1

wordpresswordpressMatch2.6.2

wordpresswordpressMatch2.6.3

wordpresswordpressMatch2.6.5

wordpresswordpressMatch2.7

wordpresswordpressMatch2.7.1

wordpresswordpressMatch2.8

wordpresswordpressMatch2.8.1

wordpresswordpressMatch2.8.2

wordpresswordpressMatch2.8.3

wordpresswordpressMatch2.8.4

wordpresswordpressMatch2.8.4a

wordpresswordpressMatch2.8.5

wordpresswordpressMatch2.8.5.1

wordpresswordpressMatch2.8.5.2

wordpresswordpressMatch2.8.6

wordpresswordpressMatch2.9

wordpresswordpressMatch2.9.1

wordpresswordpressMatch2.9.1.1

wordpresswordpressMatch2.9.2

wordpresswordpressMatch3.0

wordpresswordpressMatch3.0.1

wordpresswordpressMatch3.0.2

wordpresswordpressMatch3.0.3

wordpresswordpressMatch3.0.4

wordpresswordpressMatch3.0.5

wordpresswordpressMatch3.0.6

wordpresswordpressMatch3.1

wordpresswordpressMatch3.1.1

wordpresswordpressMatch3.1.2

wordpresswordpressMatch3.1.3

wordpresswordpressMatch3.1.4

wordpresswordpressMatch3.2

wordpresswordpressMatch3.2.1

wordpresswordpressMatch3.3

wordpresswordpressMatch3.3.2

wordpresswordpressMatch3.3.3

VendorProductVersionCPE
wordpresswordpress*cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
wordpresswordpress0.71cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
wordpresswordpress1.0cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
wordpresswordpress1.0.1cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
wordpresswordpress1.0.2cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
wordpresswordpress1.1.1cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*
wordpresswordpress1.2cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
wordpresswordpress1.2.1cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
wordpresswordpress1.2.2cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
wordpresswordpress1.2.3cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wordpress	wordpress	*	cpe:2.3:a:wordpress:wordpress::::::::
wordpress	wordpress	0.71	cpe:2.3:a:wordpress:wordpress:0.71:::::::*
wordpress	wordpress	1.0	cpe:2.3:a:wordpress:wordpress:1.0:::::::*
wordpress	wordpress	1.0.1	cpe:2.3:a:wordpress:wordpress:1.0.1:::::::*
wordpress	wordpress	1.0.2	cpe:2.3:a:wordpress:wordpress:1.0.2:::::::*
wordpress	wordpress	1.1.1	cpe:2.3:a:wordpress:wordpress:1.1.1:::::::*
wordpress	wordpress	1.2	cpe:2.3:a:wordpress:wordpress:1.2:::::::*
wordpress	wordpress	1.2.1	cpe:2.3:a:wordpress:wordpress:1.2.1:::::::*
wordpress	wordpress	1.2.2	cpe:2.3:a:wordpress:wordpress:1.2.2:::::::*
wordpress	wordpress	1.2.3	cpe:2.3:a:wordpress:wordpress:1.2.3:::::::*