7.5
CVE-2002-0170
- EPSS 1.57%
- Veröffentlicht 22.04.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:55
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.57% | 0.722 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=101503023511996&w=2
http://www.iss.net/security_center/static/8334.php
http://www.osvdb.org/5350
http://www.redhat.com/support/errata/RHSA-2002-060.html
http://www.securityfocus.com/bid/4229
http://www.zope.org/Products/Zope/hotfixes/