PT-2019-13576 · Silverstripe · Silverstripe/Assets

Normann Lou

·

Publicado

2019-09-26

·

Atualizado

2020-07-15

·

CVE-2019-14273

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions SilverStripe assets version 4.0
Description The issue is related to broken access control on files in the affected software.
Recommendations For SilverStripe assets version 4.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Files Accessible to External Parties

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-552

Identificadores relacionados

CVE-2019-14273
GHSA-43JJ-2RWC-2M3F

Produtos afetados

Silverstripe/Assets