CVE-2008-1099

_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
moinmoinmoinmoin
𝑥
≤ 1.5.8
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
moin
intrepid
not-affected
hardy
not-affected
gutsy
Fixed 1.5.7-3ubuntu2.1
released
feisty
ignored
edgy
ignored
dapper
Fixed 1.5.2-1ubuntu2.4
released
Common Weakness Enumeration
References
http://hg.moinmo.in/moin/1.5/rev/4a7de0173734
http://moinmo.in/SecurityFixes
http://secunia.com/advisories/29262
http://secunia.com/advisories/29444
http://secunia.com/advisories/30031
http://secunia.com/advisories/33755
http://www.debian.org/security/2008/dsa-1514
http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml
http://www.securityfocus.com/bid/28177
https://exchange.xforce.ibmcloud.com/vulnerabilities/41038
https://usn.ubuntu.com/716-1/
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html
http://hg.moinmo.in/moin/1.5/rev/4a7de0173734
http://moinmo.in/SecurityFixes
http://secunia.com/advisories/29262
http://secunia.com/advisories/29444
http://secunia.com/advisories/30031
http://secunia.com/advisories/33755
http://www.debian.org/security/2008/dsa-1514
http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml
http://www.securityfocus.com/bid/28177
https://exchange.xforce.ibmcloud.com/vulnerabilities/41038
https://usn.ubuntu.com/716-1/
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html