CVE-2012-6431
Published Dec 27, 2012
Last updated 12 years ago
Overview
- Description
- Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8"
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425"
}
],
"operator": "OR"
}
]
}
]