PT-2000-1991 · Zope · Zope

Publicado

2000-12-16

Atualizado

2022-04-30

CVE-2000-1211

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Zope versions 2.2.0 through 2.2.4

Description The issue concerns improper security registration for legacy names of object constructors, such as DTML method objects. This could allow attackers to perform unauthorized activities.

Recommendations For versions 2.2.0 through 2.2.4, update to a version that properly performs security registration for legacy object constructor names to prevent unauthorized activities.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2000-1211

GHSA-H2XH-JVPF-XQ42

Produtos afetados

Zope

PT-2000-1991 · Zope · Zope

CVE-2000-1211

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10