icon

We found results for “

CVE-2015-2172

Good to know:

icon

Date: March 30, 2015

DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Improper Access Control

CWE-284

Top Fix

icon

Upgrade Version

Upgrade to version release_stable_2014_05_05d,release_stable_2014_09_29c

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): SINGLE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us