CVE-2014-2552 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2014-2552

CWE

https://cwe.mitre.org/data/definitions/264.html

Brookins Consulting (BC) Collected Information Export extension for eZ Publish 1.1.0 does not properly restrict access, which allows remote attackers to gain access to sensitive data.

Affected Software

Name	Vendor	Start Version	End Version
Collected_information_export	Brookinsconsulting	1.1.0 (including)	1.1.0 (including)

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/92129
https://github.com/brookinsconsulting/bccie/commit/d11811baccf265ff567dddca03cac70b65838a4f
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2014-004/?fid=3853