CVE-2018-14836

EUVD-2018-6719
Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
subrionsubrion_cms
4.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/intelliants/subrion/issues/762
https://github.com/intelliants/subrion/issues/762