PRIOn knowledge basePRION:CVE-2009-2737

HistoryAug 11, 2009 - 10:30 a.m.

Design/Logic Flaw

2009-08-1110:30:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.1%

JSON

The EditCSVAction function in cgi/actions.py in Roundup 1.2 before 1.2.1, 1.4 through 1.4.6, and possibly other versions does not properly check permissions, which allows remote authenticated users with edit or create privileges for a class to modify arbitrary items within that class, as demonstrated by editing all queries, modifying settings, and adding roles to users.

CPENameOperatorVersion
roundupeq1.4.5
roundupeq1.4.2
roundupeq1.4.3
roundupeq1.4.1
roundupeq1.4.0
roundupeq1.4.6
roundupeq1.2.0
roundupeq1.4.4

Name	Operator	Version
roundup	eq	1.4.5
roundup	eq	1.4.2
roundup	eq	1.4.3
roundup	eq	1.4.1
roundup	eq	1.4.0
roundup	eq	1.4.6
roundup	eq	1.2.0
roundup	eq	1.4.4

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=518768

issues.roundup-tracker.org/issue2550521

secunia.com/advisories/34192

www.debian.org/security/2009/dsa-1754

www.osvdb.org/56368

www.securityfocus.com/bid/34059

bugzilla.redhat.com/show_bug.cgi?id=489355

www.redhat.com/archives/fedora-package-announce/2009-March/msg00429.html

www.redhat.com/archives/fedora-package-announce/2009-March/msg00439.html