CVE-2012-1248
Published May 15, 2012
Last updated 3 years ago
Overview
- Description
- app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.1
- Impact score
- 6.4
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E177355-90F0-4AE1-A974-AE1F1AF59B2F",
"versionEndIncluding": "1.6.15"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24D12EBB-50CA-4491-98CF-1D78F4DCEBC5"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA5D363F-B372-4858-A05D-4DF7128E9B30"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B23DD28B-4026-49DA-8ED2-958C2D413743"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "017C1673-F9F3-4F6F-94FE-086726A5DD86"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FA3FCED-8667-49E3-BF87-C6C053CE509B"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.5.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE4A6DD-E864-4C93-A378-013E6BCDC2EA"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDF547F8-8D6B-451B-9855-5CB54265361B"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "725389EC-421C-49FF-9E1B-983EBD461395"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84740A0A-E240-4918-8560-A47B6C763794"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD1B50C5-2103-48C4-B722-02ECEEF4A57E"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AC3ABEA-A1D5-4CAE-BE39-5B5E13D8D864"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72258051-C4CB-48A5-ABA6-800B905B262C"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80B26377-F7DF-49B9-8B9A-A85A9DB7752E"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDF17F32-1264-45FD-B75B-936129D47F0E"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D767AF3D-CA44-45CD-96F9-E3F52F685876"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8B0526C-C10F-4500-89E0-CD73D1B5D37E"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "850934DF-8CCE-4F37-B68A-1DA78E02729C"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE109C1E-7BBF-4A74-ADDF-934DD043A021"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3146BD38-B48F-459B-87A1-9766AC0EFD9C"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A6F0689-8AB7-4333-8344-36CD3214836F"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0391BCBC-E09C-44FC-8BE4-F9DEB162EB24"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.11.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DC8C543-8332-43E1-BC0D-5B26DB08DD11"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.11.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83269CF4-4C66-4BB0-AE16-AE4D19ED6702"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.11.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DEC8A79-8C9F-4953-8EE2-E9D114C0FB8C"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7202398-594A-414A-BAA2-B841236B53E5"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0178B221-7327-4A11-A4F6-1C3244871D6F"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFEE9E7C-44D3-482E-8115-8C6993155D46"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.13.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1F1E9F4-4AD4-465D-A71F-240BB3283425"
},
{
"criteria": "cpe:2.3:a:basercms:basercms:1.6.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5063D7EE-942D-4D27-98A3-C6C1226C9AF6"
}
],
"operator": "OR"
}
]
}
]