5

CVE-2012-1833

Exploit

EPSS 0.19%
Veröffentlicht 28.09.2012 21:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Springsource ≫ Grails Version <= 1.3.7

Springsource ≫ Grails Version1.1.0

Springsource ≫ Grails Version1.1.1

Springsource ≫ Grails Version1.1.2

Springsource ≫ Grails Version1.2.0

Springsource ≫ Grails Version1.2.1

Springsource ≫ Grails Version1.2.2

Springsource ≫ Grails Version1.3.0

Springsource ≫ Grails Version1.3.1

Springsource ≫ Grails Version1.3.2

Springsource ≫ Grails Version1.3.3

Springsource ≫ Grails Version1.3.4

Springsource ≫ Grails Version1.3.5

Springsource ≫ Grails Version1.3.6

Springsource ≫ Grails Version2.0

Springsource ≫ Grails Version2.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.409

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/51113

http://support.springsource.com/security/cve-2012-1833

Patch

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/55763

https://nvd.nist.gov/vuln/detail/CVE-2012-1833

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1833

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1833

EUVD