CVE-2011-2674

Published Oct 2, 2011

Last updated 3 years ago

Overview

Description: BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 4.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1123FD1-A332-463A-A098-6935962F305F",
            "versionEndIncluding": "1.6.11.4"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24D12EBB-50CA-4491-98CF-1D78F4DCEBC5"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA5D363F-B372-4858-A05D-4DF7128E9B30"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B23DD28B-4026-49DA-8ED2-958C2D413743"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "017C1673-F9F3-4F6F-94FE-086726A5DD86"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FA3FCED-8667-49E3-BF87-C6C053CE509B"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFE4A6DD-E864-4C93-A378-013E6BCDC2EA"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDF547F8-8D6B-451B-9855-5CB54265361B"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "725389EC-421C-49FF-9E1B-983EBD461395"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84740A0A-E240-4918-8560-A47B6C763794"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD1B50C5-2103-48C4-B722-02ECEEF4A57E"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AC3ABEA-A1D5-4CAE-BE39-5B5E13D8D864"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72258051-C4CB-48A5-ABA6-800B905B262C"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80B26377-F7DF-49B9-8B9A-A85A9DB7752E"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDF17F32-1264-45FD-B75B-936129D47F0E"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D767AF3D-CA44-45CD-96F9-E3F52F685876"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8B0526C-C10F-4500-89E0-CD73D1B5D37E"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "850934DF-8CCE-4F37-B68A-1DA78E02729C"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE109C1E-7BBF-4A74-ADDF-934DD043A021"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3146BD38-B48F-459B-87A1-9766AC0EFD9C"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A6F0689-8AB7-4333-8344-36CD3214836F"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0391BCBC-E09C-44FC-8BE4-F9DEB162EB24"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DC8C543-8332-43E1-BC0D-5B26DB08DD11"
          },
          {
            "criteria": "cpe:2.3:a:basercms:basercms:1.6.11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83269CF4-4C66-4BB0-AE16-AE4D19ED6702"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References