Vulnerability Description
Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, via unknown vectors related to SOAP and XML requests.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sitecore | Cms | 5.3.0 |
References
- http://sdn5.sitecore.net/Products/Sitecore%20V5/Sitecore%20CMS%205%2C-d-%2C3/Rel
- http://secunia.com/advisories/34356Vendor Advisory
- http://www.securityfocus.com/archive/1/501929/100/0/threaded
- http://www.securityfocus.com/bid/34162
- http://www.vupen.com/english/advisories/2009/0753Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49298
- http://sdn5.sitecore.net/Products/Sitecore%20V5/Sitecore%20CMS%205%2C-d-%2C3/Rel
- http://secunia.com/advisories/34356Vendor Advisory
- http://www.securityfocus.com/archive/1/501929/100/0/threaded
- http://www.securityfocus.com/bid/34162
- http://www.vupen.com/english/advisories/2009/0753Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49298
FAQ
What is CVE-2009-1055?
CVE-2009-1055 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, v...
How severe is CVE-2009-1055?
CVE-2009-1055 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1055?
Check the references section above for vendor advisories and patch information. Affected products include: Sitecore Cms.