Lucene search
GitHub Advisory DatabaseGHSA-6WR6-54MW-MVHRHistoryMay 13, 2022 - 1:08 a.m.
BaserCMS privilege escallation
2022-05-1301:08:49
CWE-269
GitHub Advisory Database
github.com
1
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
7.1 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.7%
BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
Affected configurations
Node
baserprojectbasercmsRange<1.6.12
| CPE | Name | Operator | Version |
|---|---|---|---|
| baserproject/basercms | lt | 1.6.12 |
Related
cve
cve
CVE-2011-2674
2022-10-03 16:15:16
jvn
jvn
JVN#16617002: BaserCMS vulnerable to access restriction
2011-09-30 00:00:00
prion
prion
Design/Logic Flaw
2011-10-02 02:53:00
cvelist
cvelist
CVE-2011-2674
2022-10-03 16:15:16
osv
osv
BaserCMS privilege escallation
2022-05-13 01:08:49
nvd
nvd
CVE-2011-2674
2011-10-02 02:53:33
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
7.1 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.7%
Related for GHSA-6WR6-54MW-MVHR