ID CVE-2017-15639
Summary tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access restrictions by leveraging the "draggable feeds" feature.
References
Vulnerable Configurations
  • cpe:2.3:a:getmura:mura_cms:*:*:*:*:*:*:*:*
    cpe:2.3:a:getmura:mura_cms:*:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 08-11-2017 - 13:50)
Impact:
Exploitability:
CWE CWE-611
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
bid 101603
confirm http://www.getmura.com/blog/critical-security-update-for-mura-cms-version-6-1-and-earlier/
exploit-db 43045
vulnerable_product via4 cpe:2.3:a:getmura:mura_cms:*:*:*:*:*:*:*:*
Last major update 08-11-2017 - 13:50
Published 19-10-2017 - 19:29
Back to Top