6.8
CVE-2011-1571
- EPSS 8.47%
- Veröffentlicht 07.05.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:29:39
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Liferay ≫ Liferay Portal SwEditioncommunity Version >= 5.1.0 <= 5.1.2
Liferay ≫ Liferay Portal SwEditioncommunity Version >= 6.0.0 <= 6.0.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.47% | 0.944 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://openwall.com/lists/oss-security/2011/03/29/1
http://openwall.com/lists/oss-security/2011/04/08/5
http://openwall.com/lists/oss-security/2011/04/11/9
http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952
http://issues.liferay.com/browse/LPS-14726