fkie_cve-2011-2528
Vulnerability from fkie_nvd
Published
2011-07-19 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:plone:plone_hotfix_20110720:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C4F762-6A49-4E9E-99DB-0952D8542F1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B647E76-E8B8-4329-8848-3B90EB262807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0A6B8F-4018-44DC-9862-45309619DC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F10374F-2BB3-48D2-B19F-9B2D038A8E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAC4F93-D26C-48F3-A7FF-8DC008FC2671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "552661B7-093D-4B3C-8770-FCDE6032AA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5180F9D2-E44B-455D-968C-792026AC832A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "636226E4-B880-41FE-A727-EF56CF8E6249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6E934A-C344-4861-8CD4-D18D52672D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25780BBE-8013-4100-9EA8-7EFC244399A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A089ED64-07E6-4F4C-97AE-AF74269A4DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2334C9-9B34-4C7D-93A2-172E596E05C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "354046F4-FA55-4AFC-935A-C803D36CDE86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1496A7-6D0A-4970-B0BF-83758065BC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "47DEF57C-92F0-4999-AF8E-CEE27EE92CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4BED4241-D823-402A-A389-7E52C410E2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9A55E6-F265-4BB8-8683-3E0CFA01EC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "970FD910-50A4-478A-ADE6-EB912C261DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A490523-1063-44E4-A72A-C23070279181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8559F17-63D1-45DB-8A28-47F729DC6686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC93803-6506-4382-A013-18010EE7E06B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E65977FD-A880-4D16-B56B-94A72774F42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA5B4F8-2155-403D-97D8-1272285D508B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A3CA2943-77E5-4384-A019-415BBCE62F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FF63F6-F1DC-4A97-A2E6-11CF613A31E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "538A3519-5B04-4FE5-A3C0-FD26EFA32705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "858CBC5A-C241-475C-8125-C5EA351B12A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E08F4534-A588-463F-A745-39E559AB1CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B64341BA-5722-415E-9771-9837168AB7C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2929227-AE19-428D-9AC3-D312A559039B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6DC866-0FEE-475B-855C-A69E004810CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "50BF3E8E-152C-4E89-BAA2-A952D10F4611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49DB97A7-89DD-43C0-A490-84AA7069764B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F88BF6-9058-4CB8-A2D6-5653860CF489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3FA2-15C3-444A-8810-5EF3E0E84D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C44B53B-953B-4522-A5B4-11573850D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2704CA8B-2AB3-48C7-85DC-66F9AD667E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "020F418B-589E-4864-89DB-29AAFBF41491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*",
"matchCriteriaId": "FCE1948E-7DA4-4F5B-8BE0-6F775356F286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*",
"matchCriteriaId": "44497A5B-01FC-4931-A478-5BC1C0E2E155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*",
"matchCriteriaId": "D53DE247-B6F9-43B5-A1C8-631183AF5FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "0F6993A9-74C2-443B-8C58-FA5BA972573C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "029814EB-380B-4DE5-8E79-7DA8D3C78C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "BA8E46A4-1706-4E2D-9353-3E7F9C70E405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "CFF98E8F-3D3D-477E-A750-59C26156FD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F8805-2E74-40F6-BAE1-DB8187043611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3A0116-BDE0-490A-8CE6-0B4B0E003887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73D8DF4A-46E9-4D1F-88DF-2C0EB274B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB94584-6842-429F-A5E5-DFB3037B1DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3CB9CA-8F81-4E9B-B334-83D28DFBB44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0262630B-153C-47D8-A852-ADCADED1B4B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8B5E37A4-EE2F-4DCA-928F-553EDD487A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD494AD-C46F-455E-941B-8B6135EB3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1B485846-EC9D-426C-BFE0-A9E647D6C65D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E814BB0A-D5D3-4756-8135-0A7EFF9D8538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A638BB63-7F91-4A5E-9FEC-C19E2A585CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "98FD488D-8C25-4553-8F3E-E4AEACCBD23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*",
"matchCriteriaId": "821C6F9D-B9F5-4525-870C-1F57943B008C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB9641A-97D9-4AC7-85F8-1604D5EBFECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F5B68D-E59B-4605-869D-7FD5CCD7C6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*",
"matchCriteriaId": "14D1EA26-9BB1-4917-94BC-2E08864770FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEB553C-21A6-4670-A37A-C2A7D360512D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5767213A-DD93-4FDF-9E0E-B90814D71BC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9050973E-3A55-4601-B03E-138C3187F858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "9B7A80F2-F98D-4147-971D-C0C8CC61171A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*",
"matchCriteriaId": "20900397-13D4-423F-B34A-B9CF7E664290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*",
"matchCriteriaId": "9D678FB1-C5EB-49DF-BAAD-81BB12AAA9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*",
"matchCriteriaId": "4894BEE3-918A-4391-8EEC-37A5C0037E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "AE1ADEFB-09F4-4677-853D-670AC646C319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*",
"matchCriteriaId": "5BB1F4C5-4F42-40F5-9180-ED60257BD7BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CD5888-B251-40B4-AF2D-F84ADCA66ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68EAFD75-6FA4-44D4-8F7E-4A1ADE2FE48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6623BA51-B166-41B6-A5AD-8230AD866B76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FE75C9-A9F0-40DB-B808-EC6015DE6613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C04B10C-5E7F-4FB8-9EF0-A27C7E1B938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D23B7F57-303C-41CE-8183-BE98799CB725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C42775B2-DF65-4CFE-9D75-4718AE19F994",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a \"highly serious vulnerability.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en (1) Zope v2.12.x antes de v2.12.19 y v2.13.x antes de v2.13.8, como la utilizada en Plone v4.x y otros productos, y (2) PloneHotfix20110720 para Plone v3.x permite a los atacantes obtener privilegios a trav\u00e9s de vectores no especificados, en relaci\u00f3n con una \"vulnerabilidad muy grave\". NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incorrecta para CVE-2.011 hasta 0720."
}
],
"id": "CVE-2011-2528",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-07-19T20:55:01.197",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110622"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://plone.org/products/plone/security/advisories/20110622"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45056"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45111"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/04/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/12/9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://plone.org/products/plone/security/advisories/20110622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/04/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/12/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…