Lucene search
K

PT-2020-5771 · Renaud Dubois Christophe Wolfhugel Olivier Salauen +2 · Sympa +2

🗓️ 24 Mar 2020 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity
🔗 dbugs.ptsecurity.com👁 1 Views

Sympa versions before 6.2.56 lack privilege management, risking data confidentiality, integrity, and service.

Related
Refs
ReporterTitlePublishedViews
Family
FreeBSD
sympa -- Unauthorised full access via SOAP API due to illegal cookie
24 Nov 202000:00
freebsd
FreeBSD
sympa -- Denial of service caused by malformed CSRF token
24 Feb 202000:00
freebsd
BDU FSTEC
The vulnerability in the web interface (wwsympa.fcgi) of the Sympa mailing list manager allows a perpetrator to escalate their privileges.
12 Aug 202000:00
bdu_fstec
BDU FSTEC
The vulnerability of the Sympa mailing list manager, related to a bug in the resource consumption monitoring mechanism, allows a violator to trigger a service failure.
30 Mar 202100:00
bdu_fstec
BDU FSTEC
The vulnerability of the authenticateAndRun function in the Sympa mailing list manager, related to the lack of authentication mechanisms, allows attackers to access confidential data.
30 Mar 202100:00
bdu_fstec
BDU FSTEC
The vulnerability of Sympa mailing list managers, related to the lack of a mechanism for managing privileges, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
30 Mar 202100:00
bdu_fstec
BDU FSTEC
The vulnerability of the debian/sympa.postinst component of the Sympa mailing list manager allows a perpetrator to compromise the integrity of data by improperly assigning permissions for critical resources.
30 Mar 202100:00
bdu_fstec
BDU FSTEC
The vulnerability of Sympa mailing list managers, related to the use of open redirection, allows attackers to compromise the confidentiality and integrity of the protected information.
27 Apr 202100:00
bdu_fstec
Huntr
Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
30 Dec 202116:29
huntr
Circl
CVE-2020-10936
27 May 202022:55
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

08 Nov 2022 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 3.17.8
CVSS 27.5
CVSS 39.8
EPSS0.03982
1