CVE-2011-2528

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-2528
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://plone.org/products/plone-hotfix/releases/20110622 Patch Vendor Advisory
http://plone.org/products/plone/security/advisories/20110622 Patch Vendor Advisory
http://secunia.com/advisories/45056 Vendor Advisory
http://secunia.com/advisories/45111 Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/07/04/6 Patch
http://www.openwall.com/lists/oss-security/2011/07/12/9 Patch
https://bugzilla.redhat.com/show_bug.cgi?id=718824 Patch
https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html Patch
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:plone:plone_hotfix_20110720:*:*:*:*:*:*:*:*
OR cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*
History

No history.

Information

Published : 2011-07-19 20:55

Updated : 2023-12-10 11:03

NVD link : CVE-2011-2528

Mitre link : CVE-2011-2528

CVE.ORG link : CVE-2011-2528

JSON object : View

Products Affected

plone

  • plone_hotfix_20110720
  • plone

zope

  • zope
CWE
NVD-CWE-noinfo