PT-2018-4202 · Brookins Consulting+1 · Collected Information Export Extension+1
Publicado
2018-04-27
·
Atualizado
2018-06-06
·
CVE-2014-2552
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Brookins Consulting (BC) Collected Information Export extension for eZ Publish version 1.1.0
Description
The issue allows remote attackers to gain access to sensitive data due to improper access restriction.
Recommendations
For version 1.1.0, update the extension to properly restrict access to sensitive data, or consider disabling the extension until a proper fix is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Collected Information Export Extension
Ez Publish