Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2013-4196

The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.

  • Published: Mar 11, 2014
  • Updated: Nov 9, 2025
  • CVE: CVE-2013-4196
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
plone / plone 4.3 4.3.x
plone / plone 4.3.1 4.3.1.x
plone / plone 3.3 3.3.x
plone / plone 4.0.5 4.0.5.x
plone / plone 3.0.1 3.0.1.x
plone / plone 3.0 3.0.x
plone / plone 3.2.3 3.2.3.x
plone / plone 3.1.4 3.1.4.x
plone / plone 3.1.5.1 3.1.5.1.x
plone / plone 2.1.4 2.1.4.x
plone / plone 4.0.2 4.0.2.x
plone / plone 3.3.5 3.3.5.x
plone / plone 3.0.6 3.0.6.x
plone / plone 2.5.4 2.5.4.x
plone / plone 3.2 3.2.x
plone / plone 3.1.1 3.1.1.x
plone / plone 2.1.1 2.1.1.x
plone / plone 3.3.4 3.3.4.x
plone / plone 3.3.2 3.3.2.x
plone / plone 4.0.4 4.0.4.x
plone / plone 3.1.7 3.1.7.x
plone / plone 2.5.1 2.5.1.x
plone / plone 4.1 4.1.x
plone / plone 2.5.3 2.5.3.x
plone / plone 3.2.2 3.2.2.x
plone / plone 2.1.2 2.1.2.x
plone / plone 3.0.3 3.0.3.x
plone / plone 3.3.1 3.3.1.x
plone / plone 3.0.4 3.0.4.x
plone / plone 3.1.2 3.1.2.x
plone / plone 3.2.1 3.2.1.x
plone / plone 4.0 4.0.x
plone / plone 3.0.5 3.0.5.x
plone / plone 4.0.6.1 4.0.6.1.x
plone / plone 2.5 2.5.x
plone / plone 2.5.2 2.5.2.x
plone / plone 4.0.1 4.0.1.x
plone / plone 3.0.2 3.0.2.x
plone / plone 2.1 2.1.x
plone / plone 3.1 3.1.x
plone / plone 3.3.3 3.3.3.x
plone / plone 2.1.3 2.1.3.x
plone / plone 3.1.6 3.1.6.x
plone / plone 3.1.3 3.1.3.x
plone / plone 4.0.3 4.0.3.x
plone / plone 2.5.5 2.5.5.x
plone / plone 4.2.3 4.2.3.x
plone / plone 4.2.2 4.2.2.x
plone / plone 4.2.5 4.2.5.x
plone / plone 4.2.4 4.2.4.x
plone / plone 4.2 4.2.x
plone / plone 4.2.1 4.2.1.x