CVE-2012-3475

EPSS 1.51%
Veröffentlicht 12.08.2012 21:55:01
Zuletzt bearbeitet 16.06.2026 23:43:17
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

NVD 10 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ushahidi ≫ Ushahidi Platform Version <= 2.4.1

Ushahidi ≫ Ushahidi Platform Version1.0

Ushahidi ≫ Ushahidi Platform Version1.2

Ushahidi ≫ Ushahidi Platform Version2.0

Ushahidi ≫ Ushahidi Platform Version2.1

Ushahidi ≫ Ushahidi Platform Version2.2

Ushahidi ≫ Ushahidi Platform Version2.2.1

Ushahidi ≫ Ushahidi Platform Version2.3.1

Ushahidi ≫ Ushahidi Platform Version2.3.2

Ushahidi ≫ Ushahidi Platform Version2.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.51%	0.711

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://openwall.com/lists/oss-security/2012/08/09/5

https://github.com/ushahidi/Ushahidi_Web/commit/7892559

Patch

https://github.com/ushahidi/Ushahidi_Web/commit/fcdad03

Patch

https://nvd.nist.gov/vuln/detail/CVE-2012-3475

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-3475

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-3475

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2012-3475