mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
107 lines
3.2 KiB
JSON
107 lines
3.2 KiB
JSON
{
|
|
"id": "CVE-2006-7218",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-07-06T19:30:00.000",
|
|
"lastModified": "2024-11-21T00:24:39.853",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "eZ publish before 3.8.1 does not properly enforce permissions for \"content edit Language\" when there are four or more languages, which allows remote authenticated users to perform translations into languages that are not listed in a Module Function Limitation policy."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "eZ publish versiones anteriores a 3.8.1 no hace cumplir los permisos apropiadamente para \"Idioma de edici\u00f3n de contenido\" cuando hay cuatro o m\u00e1s idiomas, lo cual permite a usuarios remotos autenticados realizar traducciones en idiomas que no se listan en una pol\u00edtica de Limitaci\u00f3n de M\u00f3dulo de Funci\u00f3n."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
|
|
"baseScore": 4.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.8.0",
|
|
"matchCriteriaId": "2CDE6E82-F846-4CB2-914B-2C823676D8C5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_8_0_to_3_8_1",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_9/changelog_3_8_0_to_3_9_0",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://issues.ez.no/8539",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_8_0_to_3_8_1",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_9/changelog_3_8_0_to_3_9_0",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://issues.ez.no/8539",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |