Lucene search
Ubuntu.comUB:CVE-2015-2172HistoryMar 30, 2015 - 12:00 a.m.
CVE-2015-2172
2015-03-3000:00:00
ubuntu.com
ubuntu.com
8
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
83.8%
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check
permissions for the ACL plugins, which allows remote authenticated users to
gain privileges and add or delete ACL rules via a request to the XMLRPC
API.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779547>
- <https://github.com/splitbrain/dokuwiki/issues/1056>
Notes
| Author | Note |
|---|---|
| tyhicks | Vulnerability is in XMLRPC API that is marked experimental and off by default |
Related
debiancve
debiancve
CVE-2015-2172
2015-03-30 14:59:00
mageia
mageia
Updated dokuwiki packages fix CVE-2015-2172
2015-03-05 22:34:09
prion
prion
Cross site request forgery (csrf)
2015-03-30 14:59:00
cve
cve
CVE-2015-2172
2015-03-30 14:59:00
fedora
fedora
[SECURITY] Fedora 21 Update: dokuwiki-0-0.24.20140929c.fc21
2015-03-26 21:44:25
[SECURITY] Fedora 22 Update: dokuwiki-0-0.24.20140929c.fc22
2015-03-26 22:07:58
[SECURITY] Fedora 20 Update: dokuwiki-0-0.24.20140929c.fc20
2015-03-26 21:39:47
nessus
nessus
Fedora 21 : dokuwiki-0-0.24.20140929c.fc21 (2015-3186)
2015-03-27 00:00:00
Fedora 22 : dokuwiki-0-0.24.20140929c.fc22 (2015-3079)
2015-03-27 00:00:00
Fedora 20 : dokuwiki-0-0.24.20140929c.fc20 (2015-3211)
2015-03-27 00:00:00
openvas
openvas
Fedora Update for dokuwiki FEDORA-2015-3079
2015-07-07 00:00:00
Fedora Update for dokuwiki FEDORA-2015-3211
2015-03-27 00:00:00
Fedora Update for dokuwiki FEDORA-2015-3186
2015-03-27 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:185 ] dokuwiki
2015-05-12 00:00:00
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
83.8%
Related for UB:CVE-2015-2172