CVE-2011-1950

plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as...

Basic Information

CVE State: PUBLISHED
Reserved Date: May 09, 2011
Published Date: June 06, 2011
Last Updated: August 06, 2024
Vendor: Plone
Product: Plone
Description: plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.

CVSS Scores

CVSS v2.0

5.5

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

Exploit Status

Exploited in the Wild: Yes (2011-06-06 19:00:00 UTC) Source

References

http://secunia.com/advisories/44775 http://www.securityfocus.com/bid/48005 https://exchange.xforce.ibmcloud.com/vulnerabilities/67695 http://osvdb.org/72729 http://securityreason.com/securityalert/8269 http://plone.org/products/plone/security/advisories/CVE-2011-1950 http://www.securityfocus.com/archive/1/518155/100/0/threaded

Known Exploited Vulnerability Information

Source	Added Date
CVE	2011-06-06 19:00:00 UTC

Timeline

CVE ID Reserved

May 09, 2011
CVE Published to Public

June 06, 2011
Added to KEVIntel

June 06, 2011