CVE-2000-1211

EPSS 0.6%
Veröffentlicht 16.12.2000 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zope ≫ Zope Version2.2.0

Zope ≫ Zope Version2.2.0a1

Zope ≫ Zope Version2.2.0b1

Zope ≫ Zope Version2.2.0b2

Zope ≫ Zope Version2.2.0b3

Zope ≫ Zope Version2.2.0b4

Zope ≫ Zope Version2.2.1

Zope ≫ Zope Version2.2.1b1

Zope ≫ Zope Version2.2.2

Zope ≫ Zope Version2.2.3

Zope ≫ Zope Version2.2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.6%	0.67

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.iss.net/security_center/static/5824.php

http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3

Patch

Vendor Advisory

http://www.osvdb.org/6282

http://www.redhat.com/support/errata/RHSA-2000-125.html

http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2000-1211

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-1211

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-1211

EUVD