Lucene search

GitHub Advisory DatabaseGHSA-9XH4-WPX8-RG2W

HistoryApr 29, 2022 - 2:59 a.m.

MoinMoin Improper Privilege Management

2022-04-2902:59:37

GitHub Advisory Database

github.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

MoinMoin 1.2.2 and earlier could allow a remote attacker to gain elevated privileges, caused by an undisclosed Access Control List (ACL) vulnerability in the PageEditor.

Affected configurations

Vulners

Node

moinRange≤1.2.2

CPENameOperatorVersion
moinle1.2.2

CPE	Name	Operator	Version
	moin	le	1.2.2

References

sourceforge.net/project/shownotes.php?group_id=8482&release_id=254801

www.gentoo.org/security/en/glsa/glsa-200408-25.xml

www.osvdb.org/displayvuln.php?osvdb_id=8195

www.securityfocus.com/bid/10801

exchange.xforce.ibmcloud.com/vulnerabilities/16832

github.com/advisories/GHSA-9xh4-wpx8-rg2w

nvd.nist.gov/vuln/detail/CVE-2004-1463

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

Related for GHSA-9XH4-WPX8-RG2W