PT-2000-1991 · Zope · Zope

Published

2000-12-16

Updated

2022-04-30

CVE-2000-1211

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Zope versions 2.2.0 through 2.2.4

Description The issue concerns improper security registration for legacy names of object constructors, such as DTML method objects. This could allow attackers to perform unauthorized activities.

Recommendations For versions 2.2.0 through 2.2.4, update to a version that properly performs security registration for legacy object constructor names to prevent unauthorized activities.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2000-1211

GHSA-H2XH-JVPF-XQ42

Affected Products

Zope

PT-2000-1991 · Zope · Zope

CVE-2000-1211

Weakness Enumeration

Related Identifiers

Affected Products

References · 10