CVE-2006-4247

EPSS 0.33%
Published 29.09.2006 19:07:00
Last modified 09.04.2025 00:30:58
Source security@debian.org
Teams watchlist Login
Open Login

Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."

Affected products Warnungen 0 Metrics 2 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Plone ≫ Plone Version2.5

Plone ≫ Plone Version2.5.1_rc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.33%	0.554

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://plone.org/about/security/advisories/cve-2006-4247

Patch

https://nvd.nist.gov/vuln/detail/CVE-2006-4247

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4247

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4247

EUVD