Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-5506
HistorySep 30, 2014 - 2:55 p.m.

CVE-2012-5506

2014-09-3014:55:06
CWE-399
[email protected]
web.nvd.nist.gov
22
cve-2012-5506
python_scripts.py
plone
denial of service
rss feed
nvd
security issue

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.

Affected configurations

NVD
Node
ploneploneRange4.2.2
OR
ploneploneMatch1.0
OR
ploneploneMatch1.0.1
OR
ploneploneMatch1.0.2
OR
ploneploneMatch1.0.3
OR
ploneploneMatch1.0.4
OR
ploneploneMatch1.0.5
OR
ploneploneMatch1.0.6
OR
ploneploneMatch2.0
OR
ploneploneMatch2.0.1
OR
ploneploneMatch2.0.2
OR
ploneploneMatch2.0.3
OR
ploneploneMatch2.0.4
OR
ploneploneMatch2.0.5
OR
ploneploneMatch2.1
OR
ploneploneMatch2.1.1
OR
ploneploneMatch2.1.2
OR
ploneploneMatch2.1.3
OR
ploneploneMatch2.1.4
OR
ploneploneMatch2.5
OR
ploneploneMatch2.5.1
OR
ploneploneMatch2.5.2
OR
ploneploneMatch2.5.3
OR
ploneploneMatch2.5.4
OR
ploneploneMatch2.5.5
OR
ploneploneMatch3.0
OR
ploneploneMatch3.0.1
OR
ploneploneMatch3.0.2
OR
ploneploneMatch3.0.3
OR
ploneploneMatch3.0.4
OR
ploneploneMatch3.0.5
OR
ploneploneMatch3.0.6
OR
ploneploneMatch3.1
OR
ploneploneMatch3.1.1
OR
ploneploneMatch3.1.2
OR
ploneploneMatch3.1.3
OR
ploneploneMatch3.1.4
OR
ploneploneMatch3.1.5.1
OR
ploneploneMatch3.1.6
OR
ploneploneMatch3.1.7
OR
ploneploneMatch3.2
OR
ploneploneMatch3.2.1
OR
ploneploneMatch3.2.2
OR
ploneploneMatch3.2.3
OR
ploneploneMatch3.3
OR
ploneploneMatch3.3.1
OR
ploneploneMatch3.3.2
OR
ploneploneMatch3.3.3
OR
ploneploneMatch3.3.4
OR
ploneploneMatch3.3.5
OR
ploneploneMatch4.0
OR
ploneploneMatch4.0.1
OR
ploneploneMatch4.0.2
OR
ploneploneMatch4.0.3
OR
ploneploneMatch4.0.4
OR
ploneploneMatch4.0.5
OR
ploneploneMatch4.0.6.1
OR
ploneploneMatch4.1
OR
ploneploneMatch4.1.4
OR
ploneploneMatch4.1.5
OR
ploneploneMatch4.1.6
OR
ploneploneMatch4.2
OR
ploneploneMatch4.2a1
OR
ploneploneMatch4.2a2
OR
ploneploneMatch4.2b1
OR
ploneploneMatch4.2b2
OR
ploneploneMatch4.2rc1
OR
ploneploneMatch4.2rc2
OR
ploneploneMatch4.2.0.1
OR
ploneploneMatch4.2.1
OR
ploneploneMatch4.2.1.1
OR
ploneploneMatch4.3

Related

osv 2
prion 1
nvd 1
github 1
cvelist 1
osv
osv
PYSEC-2014-48
2014-09-30 14:55:00
Plone denial of service via RSS Feed Request
2022-05-17 04:32:05
prion
prion
Server side request forgery (ssrf)
2014-09-30 14:55:00
nvd
nvd
CVE-2012-5506
2014-09-30 14:55:06
github
github
Plone denial of service via RSS Feed Request
2022-05-17 04:32:05
cvelist
cvelist
CVE-2012-5506
2014-09-30 14:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON
Related for CVE-2012-5506
osv2prion1nvd1github1cvelist1