CVE-2009-4762
Published Mar 29, 2010
Last updated 14 years ago
Overview
- Description
- MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moinmo:moinmoin:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2863EC4-FAD5-4456-983F-F3676E887CF7"
},
{
"criteria": "cpe:2.3:a:moinmo:moinmoin:1.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20921AD9-B2A9-417F-B83D-6013CD9F662E"
},
{
"criteria": "cpe:2.3:a:moinmo:moinmoin:1.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB78616E-55AB-4C8A-874B-7DCF6E755E52"
},
{
"criteria": "cpe:2.3:a:moinmo:moinmoin:1.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2584941F-5FE8-4636-B878-50CC5D4CC258"
},
{
"criteria": "cpe:2.3:a:moinmo:moinmoin:1.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D06004B5-966B-48F5-87B4-7005DBC86D63"
},
{
"criteria": "cpe:2.3:a:moinmo:moinmoin:1.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C2C741A-220A-454C-8D21-6459DB2D67E8"
}
],
"operator": "OR"
}
]
}
]