ID |
CVE-2006-4247
|
Summary |
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration." |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 6.4 (as of 05-09-2008 - 21:09) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
refmap
via4
|
|
Last major update |
05-09-2008 - 21:09 |
Published |
29-09-2006 - 19:07 |
Last modified |
05-09-2008 - 21:09 |