CVE-2011-0720

EUVD-2011-0018
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
Affected Products (NVD)
VendorProductVersion
ploneplone
2.5
ploneplone
2.5.1
ploneplone
2.5.2
ploneplone
2.5.3
ploneplone
2.5.4
ploneplone
2.5.5
ploneplone
3.0
ploneplone
3.0.1
ploneplone
3.0.2
ploneplone
3.0.3
ploneplone
3.0.4
ploneplone
3.0.5
ploneplone
3.0.6
ploneplone
3.1
ploneplone
3.1.1
ploneplone
3.1.2
ploneplone
3.1.3
ploneplone
3.1.4
ploneplone
3.1.5.1
ploneplone
3.1.6
ploneplone
3.1.7
ploneplone
3.2
ploneplone
3.2.1
ploneplone
3.2.2
ploneplone
3.2.3
ploneplone
3.3
ploneplone
3.3.1
ploneplone
3.3.2
ploneplone
3.3.3
ploneplone
3.3.4
ploneplone
3.3.5
ploneplone
4.0
redhatconga
*
redhatluci
*
𝑥
= Vulnerable software versions
References
http://osvdb.org/70753
http://plone.org/products/plone/security/advisories/cve-2011-0720
http://secunia.com/advisories/43146
http://secunia.com/advisories/43914
http://www.redhat.com/support/errata/RHSA-2011-0393.html
http://www.redhat.com/support/errata/RHSA-2011-0394.html
http://www.securityfocus.com/bid/46102
http://www.securitytracker.com/id?1025258
http://www.vupen.com/english/advisories/2011/0796
https://exchange.xforce.ibmcloud.com/vulnerabilities/65099
http://osvdb.org/70753
http://plone.org/products/plone/security/advisories/cve-2011-0720
http://secunia.com/advisories/43146
http://secunia.com/advisories/43914
http://www.redhat.com/support/errata/RHSA-2011-0393.html
http://www.redhat.com/support/errata/RHSA-2011-0394.html
http://www.securityfocus.com/bid/46102
http://www.securitytracker.com/id?1025258
http://www.vupen.com/english/advisories/2011/0796
https://exchange.xforce.ibmcloud.com/vulnerabilities/65099