Lucene search

K
prionPRIOn knowledge basePRION:CVE-2011-5097
HistoryAug 08, 2012 - 10:26 a.m.

Command injection

2012-08-0810:26:00
PRIOn knowledge base
www.prio-n.com
1

7 High

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

51.5%

chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef before 0.9.18, and 0.10.x before 0.10.2, does not require administrative privileges for the update and destroy methods, which allows remote authenticated users to (1) upload cookbooks via a knife cookbook upload command or (2) delete cookbooks via a knife cookbook delete command.

Rows per page:
1-10 of 221

7 High

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

51.5%

Related for PRION:CVE-2011-5097