9.8
CVE-2014-2552
- EPSS 3.75%
- Veröffentlicht 27.04.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 02:06:31
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginBrookins Consulting (BC) Collected Information Export extension for eZ Publish 1.1.0 does not properly restrict access, which allows remote attackers to gain access to sensitive data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Brookinsconsulting ≫ Collected Information Export Version1.1.0 SwPlatformez_publish
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.75% | 0.885 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
https://exchange.xforce.ibmcloud.com/vulnerabilities/92129
https://github.com/brookinsconsulting/bccie/commit/d11811baccf265ff567dddca03cac70b65838a4f
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2014-004/?fid=3853