Lucene search

[email protected]NVD:CVE-2010-5093

HistoryAug 26, 2012 - 6:55 p.m.

CVE-2010-5093

2012-08-2618:55:01

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON

Member_ProfileForm in security/Member.php in SilverStripe 2.3.x before 2.3.7 allows remote attackers to hijack user accounts by saving data using the email address (ID) of another user.

Affected configurations

Nvd

Node

silverstripesilverstripeMatch2.3.0

silverstripesilverstripeMatch2.3.0rc1

silverstripesilverstripeMatch2.3.0rc2

silverstripesilverstripeMatch2.3.0rc3

silverstripesilverstripeMatch2.3.1

silverstripesilverstripeMatch2.3.1rc1

silverstripesilverstripeMatch2.3.1rc2

silverstripesilverstripeMatch2.3.2

silverstripesilverstripeMatch2.3.3

silverstripesilverstripeMatch2.3.4

silverstripesilverstripeMatch2.3.5

silverstripesilverstripeMatch2.3.6

VendorProductVersionCPE
silverstripesilverstripe2.3.0cpe:2.3:a:silverstripe:silverstripe:2.3.0:*:*:*:*:*:*:*
silverstripesilverstripe2.3.0cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc1:*:*:*:*:*:*
silverstripesilverstripe2.3.0cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc2:*:*:*:*:*:*
silverstripesilverstripe2.3.0cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc3:*:*:*:*:*:*
silverstripesilverstripe2.3.1cpe:2.3:a:silverstripe:silverstripe:2.3.1:*:*:*:*:*:*:*
silverstripesilverstripe2.3.1cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc1:*:*:*:*:*:*
silverstripesilverstripe2.3.1cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc2:*:*:*:*:*:*
silverstripesilverstripe2.3.2cpe:2.3:a:silverstripe:silverstripe:2.3.2:*:*:*:*:*:*:*
silverstripesilverstripe2.3.3cpe:2.3:a:silverstripe:silverstripe:2.3.3:*:*:*:*:*:*:*
silverstripesilverstripe2.3.4cpe:2.3:a:silverstripe:silverstripe:2.3.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
silverstripe	silverstripe	2.3.0	cpe:2.3:a:silverstripe:silverstripe:2.3.0:::::::*
silverstripe	silverstripe	2.3.0	cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc1::::::
silverstripe	silverstripe	2.3.0	cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc2::::::
silverstripe	silverstripe	2.3.0	cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc3::::::
silverstripe	silverstripe	2.3.1	cpe:2.3:a:silverstripe:silverstripe:2.3.1:::::::*
silverstripe	silverstripe	2.3.1	cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc1::::::
silverstripe	silverstripe	2.3.1	cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc2::::::
silverstripe	silverstripe	2.3.2	cpe:2.3:a:silverstripe:silverstripe:2.3.2:::::::*
silverstripe	silverstripe	2.3.3	cpe:2.3:a:silverstripe:silverstripe:2.3.3:::::::*
silverstripe	silverstripe	2.3.4	cpe:2.3:a:silverstripe:silverstripe:2.3.4:::::::*

Rows per page:

1-10 of 121

References

doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.7

open.silverstripe.org/changeset/100744

www.openwall.com/lists/oss-security/2012/04/30/1

www.openwall.com/lists/oss-security/2012/04/30/3

www.openwall.com/lists/oss-security/2012/05/01/3

www.silverstripe.org/security-releases

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON

Related for NVD:CVE-2010-5093

prion1 cve1 cvelist1