Lucene search

[email protected]NVD:CVE-2010-3716

HistoryOct 25, 2010 - 8:01 p.m.

CVE-2010-3716

2010-10-2520:01:04

CWE-20

[email protected]

web.nvd.nist.gov

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.

Affected configurations

NVD

Node

typo3typo3Match4.2.0

typo3typo3Match4.2.1

typo3typo3Match4.2.2

typo3typo3Match4.2.3

typo3typo3Match4.2.4

typo3typo3Match4.2.5

typo3typo3Match4.2.6

typo3typo3Match4.2.7

typo3typo3Match4.2.8

typo3typo3Match4.2.9

typo3typo3Match4.2.10

typo3typo3Match4.2.11

typo3typo3Match4.2.12

typo3typo3Match4.2.13

typo3typo3Match4.2.14

typo3typo3Match4.3.0

typo3typo3Match4.3.1

typo3typo3Match4.3.2

typo3typo3Match4.3.3

typo3typo3Match4.3.4

typo3typo3Match4.3.5

typo3typo3Match4.3.6

References

typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/

www.debian.org/security/2010/dsa-2121

www.securityfocus.com/bid/43786

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for NVD:CVE-2010-3716

cve1 prion1 cvelist1 ubuntucve1 openvas3 securityvulns2 nessus1 debian1 osv1