Lucene search
HistoryOct 02, 2011 - 2:53 a.m.
CVE-2011-2674
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.7%
BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
Affected configurations
Node
basercmsbasercmsRange≤1.6.11.4
ORbasercmsbasercmsMatch1.5.4
ORbasercmsbasercmsMatch1.5.5
ORbasercmsbasercmsMatch1.5.6
ORbasercmsbasercmsMatch1.5.7
ORbasercmsbasercmsMatch1.5.8
ORbasercmsbasercmsMatch1.5.9
ORbasercmsbasercmsMatch1.6.0
ORbasercmsbasercmsMatch1.6.1
ORbasercmsbasercmsMatch1.6.2
ORbasercmsbasercmsMatch1.6.3
ORbasercmsbasercmsMatch1.6.4
ORbasercmsbasercmsMatch1.6.5
ORbasercmsbasercmsMatch1.6.6
ORbasercmsbasercmsMatch1.6.7
ORbasercmsbasercmsMatch1.6.7.1
ORbasercmsbasercmsMatch1.6.8
ORbasercmsbasercmsMatch1.6.9
ORbasercmsbasercmsMatch1.6.9.1
ORbasercmsbasercmsMatch1.6.10
ORbasercmsbasercmsMatch1.6.11
ORbasercmsbasercmsMatch1.6.11.1
ORbasercmsbasercmsMatch1.6.11.2
ORbasercmsbasercmsMatch1.6.11.3
Related
cve
cve
CVE-2011-2674
2022-10-03 16:15:16
jvn
jvn
JVN#16617002: BaserCMS vulnerable to access restriction
2011-09-30 00:00:00
prion
prion
Design/Logic Flaw
2011-10-02 02:53:00
github
github
BaserCMS privilege escallation
2022-05-13 01:08:49
cvelist
cvelist
CVE-2011-2674
2022-10-03 16:15:16
osv
osv
BaserCMS privilege escallation
2022-05-13 01:08:49
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.7%
Related for NVD:CVE-2011-2674