Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a unique id for user actions and improper validation of a user identity.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Dotnetnuke | Dotnetnuke | 4.4.1 (including) | 4.4.1 (including) |
| Dotnetnuke | Dotnetnuke | 4.5.2 (including) | 4.5.2 (including) |
| Dotnetnuke | Dotnetnuke | 4.5.4 (including) | 4.5.4 (including) |
| Dotnetnuke | Dotnetnuke | 4.5.5 (including) | 4.5.5 (including) |
| Dotnetnuke | Dotnetnuke | 4.6.0 (including) | 4.6.0 (including) |
| Dotnetnuke | Dotnetnuke | 4.6.1 (including) | 4.6.1 (including) |
| Dotnetnuke | Dotnetnuke | 4.6.2 (including) | 4.6.2 (including) |
| Dotnetnuke | Dotnetnuke | 4.7.0 (including) | 4.7.0 (including) |
| Dotnetnuke | Dotnetnuke | 4.8.0 (including) | 4.8.0 (including) |
| Dotnetnuke | Dotnetnuke | 4.8.1 (including) | 4.8.1 (including) |
| Dotnetnuke | Dotnetnuke | 4.8.2 (including) | 4.8.2 (including) |
| Dotnetnuke | Dotnetnuke | 4.8.3 (including) | 4.8.3 (including) |
| Dotnetnuke | Dotnetnuke | 4.8.4 (including) | 4.8.4 (including) |
References
- http://osvdb.org/48343
- http://secunia.com/advisories/31893
- http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx
- http://www.securityfocus.com/bid/31145
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45081
- http://osvdb.org/48343
- http://secunia.com/advisories/31893
- http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx
- http://www.securityfocus.com/bid/31145
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45081