icon

We found results for “

CVE-2012-3473

Good to know:

icon

Date: August 12, 2012

The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Authentication Issues

CWE-287

Top Fix

icon

Upgrade Version

Upgrade to version 2.5

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us