CVE-2011-1571
Published May 7, 2011
Last updated 4 years ago
Overview
- Description
- Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AEE2383-4164-4729-8A51-EC4F5C4CB086",
"versionEndIncluding": "5.1.2",
"versionStartIncluding": "5.1.0"
},
{
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36D6FB97-DA02-4BE8-9546-2676F79BD9BA",
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0.0"
}
],
"operator": "OR"
}
]
}
]