Vulnerability Name: | CVE-2001-0128 (CCN-5777) | ||||||||
Assigned: | 2000-12-19 | ||||||||
Published: | 2000-12-19 | ||||||||
Updated: | 2017-10-10 | ||||||||
Summary: | Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | ||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-01:06 zope vulnerability allows escalation of privileges Source: FREEBSD Type: Patch, Vendor Advisory FreeBSD-SA-01:06 Source: MITRE Type: CNA CVE-2001-0128 Source: CONECTIVA Type: UNKNOWN CLA-2000:365 Source: CCN Type: Conectiva Linux Announcement CLSA-2000:365 Zope Source: CCN Type: RHSA-2000-127 new Zope-Hotfix package available Source: DEBIAN Type: Patch, Vendor Advisory DSA-006-1 Source: MANDRAKE Type: Patch MDKSA-2000-083 Source: OSVDB Type: UNKNOWN 6284 Source: CCN Type: OSVDB ID: 6284 Zope Local Role Computation Error Privilege Escalation Source: REDHAT Type: UNKNOWN RHSA-2000:127 Source: CCN Type: MandrakeSoft Security Advisory MDKSA-2000:086 Zope Source: XF Type: UNKNOWN zope-calculate-roles(5777) Source: XF Type: UNKNOWN zope-calculate-roles(5777) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |