Lucene search

K

PRIOn knowledge basePRION:CVE-2012-1607

HistorySep 04, 2012 - 8:55 p.m.

Server side request forgery (ssrf)

2012-09-0420:55:00

PRIOn knowledge base

www.prio-n.com

1

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.1%

The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.

CPENameOperatorVersion
typo3eq4.4.13
typo3eq4.4.4
typo3eq4.4.5
typo3eq4.4.11
typo3eq4.4.1
typo3eq4.4.2
typo3eq4.4.6
typo3eq4.4.7
typo3eq4.4.0
typo3eq4.4.9

Rows per page:

1-10 of 401

References

osvdb.org/80761

secunia.com/advisories/48622

secunia.com/advisories/48647

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/

www.debian.org/security/2012/dsa-2445

www.openwall.com/lists/oss-security/2012/03/30/4

www.securityfocus.com/bid/52771

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.1%

Related for PRION:CVE-2012-1607

ubuntucve1 cve1 openvas3 osv1 nessus1 debian1 securityvulns2 typo31