CVE Vulnerabilities

CVE-2016-4041

Published: Feb 24, 2017 | Modified: Feb 27, 2017
CVSS 3.x
7.3
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Plone Plone 5.0 5.0
Plone Plone 4.3.3 4.3.3
Plone Plone 4.0.5 4.0.5
Plone Plone 4.3.6 4.3.6
Plone Plone 5.0.1 5.0.1
Plone Plone 4.2.3 4.2.3
Plone Plone 5.0.2 5.0.2
Plone Plone 5.0 5.0
Plone Plone 4.0.2 4.0.2
Plone Plone 4.3.5 4.3.5
Plone Plone 5.0.3 5.0.3
Plone Plone 4.3 4.3
Plone Plone 4.2.2 4.2.2
Plone Plone 4.0.8 4.0.8
Plone Plone 4.0.7 4.0.7
Plone Plone 4.2.7 4.2.7
Plone Plone 4.2.5 4.2.5
Plone Plone 5.0.4 5.0.4
Plone Plone 4.1.6 4.1.6
Plone Plone 4.0.4 4.0.4
Plone Plone 4.3.4 4.3.4
Plone Plone 4.0.9 4.0.9
Plone Plone 4.1.3 4.1.3
Plone Plone 4.1 4.1
Plone Plone 4.1.4 4.1.4
Plone Plone 4.0.10 4.0.10
Plone Plone 5.0 5.0
Plone Plone 4.0 4.0
Plone Plone 4.3.7 4.3.7
Plone Plone 5.0 5.0
Plone Plone 4.3.8 4.3.8
Plone Plone 4.1.2 4.1.2
Plone Plone 4.1.5 4.1.5
Plone Plone 4.3.1 4.3.1
Plone Plone 4.2.6 4.2.6
Plone Plone 4.0.1 4.0.1
Plone Plone 4.1.1 4.1.1
Plone Plone 4.2.4 4.2.4
Plone Plone 4.3.9 4.3.9
Plone Plone 5.0 5.0
Plone Plone 4.0.3 4.0.3
Plone Plone 4.3.2 4.3.2
Plone Plone 4.2 4.2
Plone Plone 4.2.1 4.2.1

References