CVE-2011-5093
Published Jun 4, 2012
Last updated 12 years ago
Overview
- Description
- Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arbitrary code by leveraging access to a privileged account, a different vulnerability than CVE-2011-4458 and CVE-2011-5092.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C35364B8-6BB7-439D-9450-08FB11639E76"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F84987A7-103B-4473-9D4F-9F28880F6D9F"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E220C7C-D32C-4ED1-A056-074576B7B504"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57A903C6-3C9F-47A0-92F7-D5272B2622AC"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67EBD0AE-1A91-4690-8A07-0FB7342768FE"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1217A3C-2302-4E3B-BF35-4B16271A6FF6"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A72E5649-26E5-47DE-9CB4-019FEC8AF13E"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E06E3C-4504-4325-BD89-9102315858C4"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1286FE-DB7C-48B1-82A9-A23C82984A21"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C89298A-DA7A-4DDD-A420-5B5BC0ABAF7E"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60F0CE6D-3DFA-4432-9615-78718C1D5583"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A65F27F5-D134-4B94-BF93-CE32065B75B2"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1D6E744-5181-4E94-8B9B-3CA83648C7A7"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5315BD2E-AE5F-49F9-8451-0D2D64CE56B1"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "087B001A-78B6-46EB-8623-D8C680243867"
}
],
"operator": "OR"
}
]
}
]