CVE-2012-6567 — MEDIUM (6.5)

Q: What is CVE-2012-6567?

CVE-2012-6567 is a vulnerability with a CVSS score of 6.5 (MEDIUM). REDCap before 4.14.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the logic of a custom rule.

Q: How severe is CVE-2012-6567?

CVE-2012-6567 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-6567?

Check the references section above for vendor advisories and patch information. Affected products include: Project-Redcap Redcap.

Vulnerability Description

REDCap before 4.14.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the logic of a custom rule.

CVSS Score

6.5

MEDIUM

AV:N/AC:L/Au:S/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Project-Redcap	Redcap	<= 4.13.18

Related Weaknesses (CWE)

CWE-20

References

http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf
http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf

FAQ

What is CVE-2012-6567?

CVE-2012-6567 is a vulnerability with a CVSS score of 6.5 (MEDIUM). REDCap before 4.14.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the logic of a custom rule.

How severe is CVE-2012-6567?

CVE-2012-6567 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-6567?

Check the references section above for vendor advisories and patch information. Affected products include: Project-Redcap Redcap.