CVE-2010-5089

EUVD-2010-5053
SilverStripe before 2.4.2 does not properly restrict access to pages in draft mode, which allows remote attackers to obtain sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
silverstripesilverstripe
𝑥
≤ 2.4.1
silverstripesilverstripe
2.0.0
silverstripesilverstripe
2.0.1
silverstripesilverstripe
2.0.2
silverstripesilverstripe
2.1.0
silverstripesilverstripe
2.1.1
silverstripesilverstripe
2.2.0
silverstripesilverstripe
2.2.1
silverstripesilverstripe
2.2.2
silverstripesilverstripe
2.2.4
silverstripesilverstripe
2.3.0
silverstripesilverstripe
2.3.0:rc1
silverstripesilverstripe
2.3.0:rc2
silverstripesilverstripe
2.3.0:rc3
silverstripesilverstripe
2.3.1
silverstripesilverstripe
2.3.1:rc1
silverstripesilverstripe
2.3.1:rc2
silverstripesilverstripe
2.3.2
silverstripesilverstripe
2.3.3
silverstripesilverstripe
2.3.4
silverstripesilverstripe
2.3.5
silverstripesilverstripe
2.3.6
silverstripesilverstripe
2.3.7
silverstripesilverstripe
2.3.8
silverstripesilverstripe
2.3.9
silverstripesilverstripe
2.3.10
silverstripesilverstripe
2.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.2
http://open.silverstripe.org/changeset/110757
http://www.openwall.com/lists/oss-security/2012/04/30/1
http://www.openwall.com/lists/oss-security/2012/04/30/3
http://www.openwall.com/lists/oss-security/2012/05/01/3
http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.2
http://open.silverstripe.org/changeset/110757
http://www.openwall.com/lists/oss-security/2012/04/30/1
http://www.openwall.com/lists/oss-security/2012/04/30/3
http://www.openwall.com/lists/oss-security/2012/05/01/3