| Added |
CVSS V3.1 |
|
NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| Added |
CWE |
|
NIST CWE-918
|
| Added |
CPE Configuration |
|
OR
*cpe:2.3:a:plone:plone:4.3:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.1:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.2:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.3:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.4:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.5:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.6:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.7:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.8:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.9:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.10:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.11:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.12:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.14:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.15:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.17:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.18:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.19:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:4.3.20:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0:-:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0:rc1:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0:rc2:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0:rc3:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.1:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.2:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.3:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.4:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.5:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.6:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.7:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.8:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.9:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.0.10:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1:alpha2:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1.1:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1.2:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1.4:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1.5:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1.6:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1.7:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1a1:alpha1:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1a2:beta4:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1b2:beta3:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1b3:beta2:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1b4:rc2:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1rc1:rc1:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.1rc2:-:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.2.0:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.2.1:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.2.2:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.2.3:*:*:*:*:*:*:*
*cpe:2.3:a:plone:plone:5.2.4:*:*:*:*:*:*:*
|
| Changed |
Reference Type |
https://github.com/s-kustm/Subodh/blob/master/Plone%205.2.4%20Vulnerable%20to%20bilend%20SSRF.pdf No Types Assigned
|
https://github.com/s-kustm/Subodh/blob/master/Plone%205.2.4%20Vulnerable%20to%20bilend%20SSRF.pdf Exploit, Third Party Advisory
|
| Changed |
Reference Type |
https://plone.org/security/hotfix/20210518 No Types Assigned
|
https://plone.org/security/hotfix/20210518 Release Notes
|
| Changed |
Reference Type |
https://plone.org/security/hotfix/20210518/blind-ssrf-via-feedparser-accessing-an-internal-url No Types Assigned
|
https://plone.org/security/hotfix/20210518/blind-ssrf-via-feedparser-accessing-an-internal-url Vendor Advisory
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
