CVE-2000-1211

EPSS 0.6%
Published 16.12.2000 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Zope ≫ Zope Version2.2.0

Zope ≫ Zope Version2.2.0a1

Zope ≫ Zope Version2.2.0b1

Zope ≫ Zope Version2.2.0b2

Zope ≫ Zope Version2.2.0b3

Zope ≫ Zope Version2.2.0b4

Zope ≫ Zope Version2.2.1

Zope ≫ Zope Version2.2.1b1

Zope ≫ Zope Version2.2.2

Zope ≫ Zope Version2.2.3

Zope ≫ Zope Version2.2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.6%	0.67

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.iss.net/security_center/static/5824.php

http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3

Patch

Vendor Advisory

http://www.osvdb.org/6282

http://www.redhat.com/support/errata/RHSA-2000-125.html

http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2000-1211

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-1211

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-1211

EUVD