Lucene search
HistorySep 30, 2014 - 2:55 p.m.
CVE-2012-5492
cve-2012-5492
plone
remote attackers
metadata
hidden objects
crafted url
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.2%
uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.
Affected configurations
Node
ploneploneRange≤4.2.2
ORploneploneMatch1.0
ORploneploneMatch1.0.1
ORploneploneMatch1.0.2
ORploneploneMatch1.0.3
ORploneploneMatch1.0.4
ORploneploneMatch1.0.5
ORploneploneMatch1.0.6
ORploneploneMatch2.0
ORploneploneMatch2.0.1
ORploneploneMatch2.0.2
ORploneploneMatch2.0.3
ORploneploneMatch2.0.4
ORploneploneMatch2.0.5
ORploneploneMatch2.1
ORploneploneMatch2.1.1
ORploneploneMatch2.1.2
ORploneploneMatch2.1.3
ORploneploneMatch2.1.4
ORploneploneMatch2.5
ORploneploneMatch2.5.1
ORploneploneMatch2.5.2
ORploneploneMatch2.5.3
ORploneploneMatch2.5.4
ORploneploneMatch2.5.5
ORploneploneMatch3.0
ORploneploneMatch3.0.1
ORploneploneMatch3.0.2
ORploneploneMatch3.0.3
ORploneploneMatch3.0.4
ORploneploneMatch3.0.5
ORploneploneMatch3.0.6
ORploneploneMatch3.1
ORploneploneMatch3.1.1
ORploneploneMatch3.1.2
ORploneploneMatch3.1.3
ORploneploneMatch3.1.4
ORploneploneMatch3.1.5.1
ORploneploneMatch3.1.6
ORploneploneMatch3.1.7
ORploneploneMatch3.2
ORploneploneMatch3.2.1
ORploneploneMatch3.2.2
ORploneploneMatch3.2.3
ORploneploneMatch3.3
ORploneploneMatch3.3.1
ORploneploneMatch3.3.2
ORploneploneMatch3.3.3
ORploneploneMatch3.3.4
ORploneploneMatch3.3.5
ORploneploneMatch4.0
ORploneploneMatch4.0.1
ORploneploneMatch4.0.2
ORploneploneMatch4.0.3
ORploneploneMatch4.0.4
ORploneploneMatch4.0.5
ORploneploneMatch4.0.6.1
ORploneploneMatch4.1
ORploneploneMatch4.1.4
ORploneploneMatch4.1.5
ORploneploneMatch4.1.6
ORploneploneMatch4.2
ORploneploneMatch4.2a1
ORploneploneMatch4.2a2
ORploneploneMatch4.2b1
ORploneploneMatch4.2b2
ORploneploneMatch4.2rc1
ORploneploneMatch4.2rc2
ORploneploneMatch4.2.0.1
ORploneploneMatch4.2.1
ORploneploneMatch4.2.1.1
ORploneploneMatch4.3
Related
cvelist
cvelist
CVE-2012-5492
2014-09-30 14:00:00
github
github
Plone Metadata Disclosure
2022-05-17 04:32:24
osv
osv
PYSEC-2014-34
2014-09-30 14:55:00
Plone Metadata Disclosure
2022-05-17 04:32:24
nvd
nvd
CVE-2012-5492
2014-09-30 14:55:06
prion
prion
Code injection
2014-09-30 14:55:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.2%
Related for CVE-2012-5492