CVE-2011-4929

Published Oct 8, 2012

Last updated 12 years ago

Overview

Description: Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors.
Source: secalert@redhat.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7129BEFA-1A70-43A8-A27B-EA1B2B8BDF75"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2C96214-FB72-4423-AFCD-D66E531BD6C1"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AAF1F2E-7E6A-4F22-9511-77B4173239E5"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "785C388F-C871-4DE9-B636-5B127C71B017"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40F5A2B6-F225-4091-A491-B316D31A0C0E"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BA62C29-81F4-45E0-AFB6-E017AC207730"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:0.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBAA9096-AD1A-4C5B-92C6-00A46D41A5E3"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B86BADC4-2765-40C9-8D95-C6628497F292"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DED843A9-D03E-457B-AC21-784CF6197C83"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CB464C7-DEE0-4AF5-A782-D14965C76970"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B8E588D-54E8-4E9F-A191-965923AF7DB0"
          },
          {
            "criteria": "cpe:2.3:a:redmine:redmine:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31BDDECE-EF68-414B-B5D2-CEB31E25327B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References