CVE-2011-1950

EUVD-2011-0021
plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
ploneplone
4.0
ploneplone
4.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
zope-cmfplone
hardy
ignored
lucid
dne
maverick
dne
natty
dne
Common Weakness Enumeration
References
http://osvdb.org/72729
http://plone.org/products/plone/security/advisories/CVE-2011-1950
http://secunia.com/advisories/44775
http://securityreason.com/securityalert/8269
http://www.securityfocus.com/archive/1/518155/100/0/threaded
http://www.securityfocus.com/bid/48005
https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
http://osvdb.org/72729
http://plone.org/products/plone/security/advisories/CVE-2011-1950
http://secunia.com/advisories/44775
http://securityreason.com/securityalert/8269
http://www.securityfocus.com/archive/1/518155/100/0/threaded
http://www.securityfocus.com/bid/48005
https://exchange.xforce.ibmcloud.com/vulnerabilities/67695