CVE-2000-1211

Published Dec 16, 2000

Last updated 16 years ago

Overview

Description: Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF3C0DAC-01B0-4C9D-9AA2-8F02F974DCFF"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.0a1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D4E13A0-7384-49E3-A848-8E864C340F79"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.0b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EA5CE15-530A-400D-9FDF-7044CD8C6DDC"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.0b2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7DC30CD-684E-4C53-833E-6EF2C8D1A3E3"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.0b3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DABDC050-BF8B-4F8C-9FCD-4B0D86E46D60"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.0b4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C91E72CC-8AEA-49E5-BB7D-3C16E2E30A0D"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12A13ABF-9850-4AB8-A0C9-8D6B9F3D9862"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.1b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98EBD292-5FC6-4463-B085-A34D1DFDB0C3"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15B80335-5F59-4530-A241-437367369BD8"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53427D40-495B-4F37-95A5-6D069186CBB5"
          },
          {
            "criteria": "cpe:2.3:a:zope:zope:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DB2FC39-A95D-414E-A67E-66AF79A12CEB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References