Vulnerability Description
Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Episerver | Episerver Cms | 5.1.422.4 |
References
- http://secunia.com/advisories/47910Vendor Advisory
- http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---ElVendor Advisory
- http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-
- http://www.securityfocus.com/bid/51877
- http://secunia.com/advisories/47910Vendor Advisory
- http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---ElVendor Advisory
- http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-
- http://www.securityfocus.com/bid/51877
FAQ
What is CVE-2012-1031?
CVE-2012-1031 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mo...
How severe is CVE-2012-1031?
CVE-2012-1031 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1031?
Check the references section above for vendor advisories and patch information. Affected products include: Episerver Episerver Cms.