Vulnerability Database
296,349
Total vulnerabilities in the database
CVE-2012-2315
admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action.
| Software | From | Fixed in |
|---|---|---|
| openkm / openkm | 5.1.8 | 5.1.8.x |
| openkm / openkm | - | 5.1.7.x |
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0007.html
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0021.html
- http://osvdb.org/78105
- http://secunia.com/advisories/47424
- http://www.openwall.com/lists/oss-security/2012/03/23/6
- http://www.openwall.com/lists/oss-security/2012/03/23/8
- http://www.openwall.com/lists/oss-security/2012/04/27/6
- http://www.openwall.com/lists/oss-security/2012/05/04/13
- http://www.openwall.com/lists/oss-security/2012/05/04/2
- http://www.securityfocus.com/bid/51250
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72112
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime