Lucene search

K

PRIOn knowledge basePRION:CVE-2013-7073

HistoryDec 23, 2013 - 11:55 p.m.

Code injection

2013-12-2323:55:00

PRIOn knowledge base

www.prio-n.com

6

6.7 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

54.9%

The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.

CPENameOperatorVersion
typo3eq4.5.30
typo3eq4.5.3
typo3eq4.5.27
typo3eq4.5.9
typo3eq4.5.12
typo3eq4.5.24
typo3eq4.5.15
typo3eq4.5.5
typo3eq4.5.13
typo3eq4.5.17

Rows per page:

1-10 of 681

References

lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html

lists.opensuse.org/opensuse-updates/2016-08/msg00083.html

lists.opensuse.org/opensuse-updates/2016-08/msg00106.html

seclists.org/oss-sec/2013/q4/473

seclists.org/oss-sec/2013/q4/487

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/

www.debian.org/security/2014/dsa-2834

6.7 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

54.9%

Related for PRION:CVE-2013-7073

cvelist1 ubuntucve1 cve1 osv1 github1 nessus4 openvas4 suse1 debian2 securityvulns2 typo31