6.5

CVE-2009-3298

Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MaharaMahara Version <= 1.0.12
MaharaMahara Version1.0.0
MaharaMahara Version1.0.1
MaharaMahara Version1.0.2
MaharaMahara Version1.0.3
MaharaMahara Version1.0.4
MaharaMahara Version1.0.5
MaharaMahara Version1.0.6
MaharaMahara Version1.0.7
MaharaMahara Version1.0.8
MaharaMahara Version1.0.10
MaharaMahara Version1.0.11
MaharaMahara Version1.1.0
MaharaMahara Version1.1.0 Updatealpha1
MaharaMahara Version1.1.0 Updatealpha2
MaharaMahara Version1.1.0 Updatealpha3
MaharaMahara Version1.1.0 Updatebeta1
MaharaMahara Version1.1.0 Updatebeta2
MaharaMahara Version1.1.0 Updatebeta3
MaharaMahara Version1.1.0 Updatebeta4
MaharaMahara Version1.1.0 Updaterc1
MaharaMahara Version1.1.0 Updaterc2
MaharaMahara Version1.1.1
MaharaMahara Version1.1.2
MaharaMahara Version1.1.3
MaharaMahara Version1.1.4
MaharaMahara Version1.1.5
MaharaMahara Version1.1.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.32% 0.812
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 8 6.4
AV:N/AC:L/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://eduforge.org/frs/shownotes.php?release_id=546
Patch
http://eduforge.org/frs/shownotes.php?release_id=547
http://mahara.org/interaction/forum/topic.php?id=1169
Vendor Advisory
http://secunia.com/advisories/37217
Vendor Advisory
http://secunia.com/advisories/37218
Vendor Advisory
http://www.debian.org/security/2009/dsa-1924
http://www.osvdb.org/59584
http://www.securityfocus.com/bid/36893
Patch
http://www.vupen.com/english/advisories/2009/3101
Patch
Vendor Advisory