CVE-2011-1950

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-1950
plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.

5.5 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:P

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://osvdb.org/72729
http://plone.org/products/plone/security/advisories/CVE-2011-1950 Patch Vendor Advisory
http://secunia.com/advisories/44775 Vendor Advisory
http://securityreason.com/securityalert/8269
http://www.securityfocus.com/archive/1/518155/100/0/threaded
http://www.securityfocus.com/bid/48005
https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
http://osvdb.org/72729
http://plone.org/products/plone/security/advisories/CVE-2011-1950 Patch Vendor Advisory
http://secunia.com/advisories/44775 Vendor Advisory
http://securityreason.com/securityalert/8269
http://www.securityfocus.com/archive/1/518155/100/0/threaded
http://www.securityfocus.com/bid/48005
https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*
History

21 Nov 2024, 01:27

Type Values Removed Values Added
References () http://osvdb.org/72729 - () http://osvdb.org/72729 -
References () http://plone.org/products/plone/security/advisories/CVE-2011-1950 - Patch, Vendor Advisory () http://plone.org/products/plone/security/advisories/CVE-2011-1950 - Patch, Vendor Advisory
References () http://secunia.com/advisories/44775 - Vendor Advisory () http://secunia.com/advisories/44775 - Vendor Advisory
References () http://securityreason.com/securityalert/8269 - () http://securityreason.com/securityalert/8269 -
References () http://www.securityfocus.com/archive/1/518155/100/0/threaded - () http://www.securityfocus.com/archive/1/518155/100/0/threaded -
References () http://www.securityfocus.com/bid/48005 - () http://www.securityfocus.com/bid/48005 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/67695 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/67695 -
Information

Published : 2011-06-06 19:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-1950

Mitre link : CVE-2011-1950

CVE.ORG link : CVE-2011-1950

JSON object : View

Products Affected

plone

  • plone
CWE
CWE-264

Permissions, Privileges, and Access Controls