PT-2010-1571 · Moinmoin · Moinmoin

Published

2010-03-29

Updated

2022-05-02

CVE-2009-4762

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions MoinMoin versions 1.7.x through 1.7.2 MoinMoin versions 1.8.x through 1.8.2

Description The issue allows remote attackers to bypass intended access restrictions by requesting an item. This occurs due to the software checking parent ACLs in certain inappropriate circumstances during the processing of hierarchical ACLs.

Recommendations For MoinMoin versions 1.7.x through 1.7.2, update to version 1.7.3 or later. For MoinMoin versions 1.8.x through 1.8.2, update to version 1.8.3 or later.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-284

Related Identifiers

CVE-2009-4762

GHSA-JJ23-FJ2V-M872

PYSEC-2010-13

Affected Products

Moinmoin

PT-2010-1571 · Moinmoin · Moinmoin

CVE-2009-4762

Weakness Enumeration

Related Identifiers

Affected Products

References · 18