CVE-2011-4030

Published Oct 10, 2011

Last updated 13 years ago

CVSS info 9.3

Overview

Description: The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0a1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E94E45E-ADAC-4CD6-B7E9-3F7C4C501BEE"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC31071B-BD99-490F-8B86-5441949AF65D"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07243926-511B-4464-96BA-B5FF2829FB2C"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBB08BCC-175E-4D97-B0E7-C5BA415DA45E"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAA5BDE2-D9A7-4088-B32A-C10DFC931792"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19166094-7736-4B98-A5E6-AD173ED4BC68"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00E46DF5-093B-4194-90DE-EC156D9E308D"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CF4166A-265D-4DB7-B629-C2C729EA8BAD"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6582FFEB-3F3A-4F4A-83A5-56DB5F66C1E1"
          },
          {
            "criteria": "cpe:2.3:a:plone:cmfeditions:2.0b9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B05ADE03-C904-4923-8931-28B154A3D01A"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E08F4534-A588-463F-A745-39E559AB1CB8"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B64341BA-5722-415E-9771-9837168AB7C0"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2929227-AE19-428D-9AC3-D312A559039B"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B6DC866-0FEE-475B-855C-A69E004810CD"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50BF3E8E-152C-4E89-BAA2-A952D10F4611"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49DB97A7-89DD-43C0-A490-84AA7069764B"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1F88BF6-9058-4CB8-A2D6-5653860CF489"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2AA3FA2-15C3-444A-8810-5EF3E0E84D58"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72F3B15A-CD0F-4CC5-A76F-E62637B30E2E"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C44B53B-953B-4522-A5B4-11573850D2CD"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F1818BB-E23A-4136-898D-1D0C80C08728"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CA5A1E3-EC1E-482D-B074-1304FBF963F2"
          },
          {
            "criteria": "cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DE6064F-67CC-4DA5-A4A8-D9E1F701B1A5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References