Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.
CVE Informations
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:P/A:N | nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 27630
Publication date : 2006-04-11 22h00 +00:00
Author : MJ0011
EDB Verified : Yes
source: https://www.securityfocus.com/bid/17484/info
Plone is susceptible to a remote access-control bypass vulnerability. This issue is due to the application's failure to properly enforce privileges to various MembershipTool methods.
This issue allows remote, anonymous attackers to modify and delete portrait images of members. This may help attackers exploit latent vulnerabilities in image-rendering software. Other attacks may also be possible.
curl -F portrait=<path_to_file> --form-string member_id=[username] http://www.example.com/portal_membership/changeMemberPortrait
Products Mentioned
Configuraton 0
Plone>>Plone >> Version 2.0.5
- Plone>>Plone >> Version 2.0.5 (Open CPE detail)
Plone>>Plone >> Version 2.1.2
- Plone>>Plone >> Version 2.1.2 (Open CPE detail)
Plone>>Plone >> Version 2.5_beta1
