CVE-2011-2774 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:S/C:P/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 41%

Affected Products (NVD)

Vendor	Product	Version
mahara	mahara	1.3.0
mahara	mahara	1.3.0:beta1
mahara	mahara	1.3.0:beta2
mahara	mahara	1.3.0:beta3
mahara	mahara	1.3.0:beta4
mahara	mahara	1.3.0:rc1
mahara	mahara	1.3.1
mahara	mahara	1.3.2
mahara	mahara	1.3.3
mahara	mahara	1.3.4
mahara	mahara	1.3.5
mahara	mahara	1.3.6
mahara	mahara	1.3.7
mahara	mahara	1.4:rc1
mahara	mahara	1.4:rc2
mahara	mahara	1.4:rc3
mahara	mahara	1.4:rc4
mahara	mahara	1.4.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

mahara

hardy	dne
lucid	not-affected
maverick	not-affected
natty	not-affected
oneiric	Fixed 1.4.0-1ubuntu0.1 released

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://secunia.com/advisories/46719

https://launchpad.net/bugs/798128

https://launchpad.net/mahara/+milestone/1.4.1

http://secunia.com/advisories/46719

https://launchpad.net/bugs/798128

https://launchpad.net/mahara/+milestone/1.4.1