Lucene search
HistoryDec 06, 2011 - 11:55 a.m.
CVE-2011-4554
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.002
Percentile
58.5%
One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) and newline characters in an org name or (2) " (double quote) characters in an e-mail address, related to a “2nd Order SMTP Injection” issue.
Affected configurations
Node
oneclickorgsone_click_orgsRange≤1.2.2
ORoneclickorgsone_click_orgsMatch1.0.0
ORoneclickorgsone_click_orgsMatch1.0.1
ORoneclickorgsone_click_orgsMatch1.1.0
ORoneclickorgsone_click_orgsMatch1.1.1
ORoneclickorgsone_click_orgsMatch1.2.0
ORoneclickorgsone_click_orgsMatch1.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oneclickorgs | one_click_orgs | * | cpe:2.3:a:oneclickorgs:one_click_orgs:*:*:*:*:*:*:*:* |
| oneclickorgs | one_click_orgs | 1.0.0 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.0:*:*:*:*:*:*:* |
| oneclickorgs | one_click_orgs | 1.0.1 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.1:*:*:*:*:*:*:* |
| oneclickorgs | one_click_orgs | 1.1.0 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.0:*:*:*:*:*:*:* |
| oneclickorgs | one_click_orgs | 1.1.1 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.1:*:*:*:*:*:*:* |
| oneclickorgs | one_click_orgs | 1.2.0 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.0:*:*:*:*:*:*:* |
| oneclickorgs | one_click_orgs | 1.2.1 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-4554
2011-12-06 11:00:00
cve
cve
CVE-2011-4554
2011-12-06 11:55:07
prion
prion
Sql injection
2011-12-06 11:55:00
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.002
Percentile
58.5%
Related for NVD:CVE-2011-4554