4.9
CVE-2011-2674
- EPSS 1.34%
- Veröffentlicht 02.10.2011 02:53:33
- Zuletzt bearbeitet 16.06.2026 23:31:46
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginBaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.677 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 6.8 | 4.9 |
AV:N/AC:M/Au:S/C:P/I:P/A:N
|
http://basercms.net/patch/JVN09789751
http://jvn.jp/en/jp/JVN16617002/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000066