CVE-2012-1565

Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://issues.ez.no/19238
http://osvdb.org/80098
http://secunia.com/advisories/48338	Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/03/19/13
http://www.openwall.com/lists/oss-security/2012/03/19/6
http://www.securityfocus.com/bid/52516
https://exchange.xforce.ibmcloud.com/vulnerabilities/74060

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ez:ez_publish:4.1.4:::::::*
	cpe:2.3:a:ez:ez_publish:4.2.0:::::::*
	cpe:2.3:a:ez:ez_publish:4.3.0:::::::*
	cpe:2.3:a:ez:ez_publish:4.4.0:::::::*
	cpe:2.3:a:ez:ez_publish:4.5.0:::::::*
	cpe:2.3:a:ez:ez_publish:4.6.0:::::::*

History

No history.

Information

Published : 2012-10-06 21:55

Updated : 2019-07-30 15:51

NVD link : CVE-2012-1565

Mitre link : CVE-2012-1565

CVE.ORG link : CVE-2012-1565

JSON object : View

Products Affected

ez

ez_publish

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-1565", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-10-06T21:55:04.160", "references": [{"url": "http://issues.ez.no/19238", "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/80098", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/48338", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/03/19/13", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/03/19/6", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/52516", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74060", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference."}, {"lang": "es", "value": "Vulnerabilidad no espec\u00edfica en ez Publish v4.1.4, v4.2, v4.3, v4.4, v4.5, y v4.6 tiene un impacto no determinado y vectores de ataque relacionados con referencia a un objeto directo inseguro."}], "lastModified": "2019-07-30T15:51:54.943", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ez:ez_publish:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9315D5B3-D1E9-42FD-8A9F-81C9DAB46D16"}, {"criteria": "cpe:2.3:a:ez:ez_publish:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D41CE6FC-9CCB-4D26-9F93-F9FBD2381A8E"}, {"criteria": "cpe:2.3:a:ez:ez_publish:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2666DB8-DDC1-4A65-8E8E-7917D1289D2B"}, {"criteria": "cpe:2.3:a:ez:ez_publish:4.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD8B4F4E-A514-4A66-8F0E-FC6621E582F5"}, {"criteria": "cpe:2.3:a:ez:ez_publish:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD1EAA68-6D35-416A-8203-E507FC76724A"}, {"criteria": "cpe:2.3:a:ez:ez_publish:4.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCAC4356-151D-40F9-8409-9281C696C257"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}