6.8

CVE-2012-6432

Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SensiolabsSymfony Version2.0.0
SensiolabsSymfony Version2.0.1
SensiolabsSymfony Version2.0.2
SensiolabsSymfony Version2.0.3
SensiolabsSymfony Version2.0.4
SensiolabsSymfony Version2.0.5
SensiolabsSymfony Version2.0.6
SensiolabsSymfony Version2.0.7
SensiolabsSymfony Version2.0.8
SensiolabsSymfony Version2.0.9
SensiolabsSymfony Version2.0.10
SensiolabsSymfony Version2.0.11
SensiolabsSymfony Version2.0.12
SensiolabsSymfony Version2.0.13
SensiolabsSymfony Version2.0.14
SensiolabsSymfony Version2.0.15
SensiolabsSymfony Version2.0.16
SensiolabsSymfony Version2.0.17
SensiolabsSymfony Version2.0.18
SensiolabsSymfony Version2.0.19
SensiolabsSymfony Version2.0.20
SensiolabsSymfony Version2.1.0
SensiolabsSymfony Version2.1.1
SensiolabsSymfony Version2.1.2
SensiolabsSymfony Version2.1.3
SensiolabsSymfony Version2.2 Updatedev
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.596
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P