Lucene search
RedhatCVE-2013-0305HistoryMay 02, 2013 - 2:55 p.m.
CVE-2013-0305
2013-05-0214:55:05
CWE-200
redhat
web.nvd.nist.gov
69
django
security
remote access
administrator
nvd
cve-2013-0305
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.001
Percentile
48.5%
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information.
Affected configurations
Node
djangoprojectdjangoMatch1.3
ORdjangoprojectdjangoMatch1.3alpha1
ORdjangoprojectdjangoMatch1.3beta1
ORdjangoprojectdjangoMatch1.3.1
ORdjangoprojectdjangoMatch1.3.2
ORdjangoprojectdjangoMatch1.3.3
Node
djangoprojectdjangoMatch1.4
ORdjangoprojectdjangoMatch1.4alpha
ORdjangoprojectdjangoMatch1.4beta
ORdjangoprojectdjangoMatch1.4.1
ORdjangoprojectdjangoMatch1.4.2
Node
djangoprojectdjangoMatch1.5alpha
ORdjangoprojectdjangoMatch1.5beta
Node
canonicalubuntu_linuxMatch10.04-lts
ORcanonicalubuntu_linuxMatch11.10
ORcanonicalubuntu_linuxMatch12.04-lts
ORcanonicalubuntu_linuxMatch12.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| djangoproject | django | 1.3.3 | cpe:/a:djangoproject:django:1.3.3::: |
| djangoproject | django | 1.3 | cpe:/a:djangoproject:django:1.3::: |
| djangoproject | django | 1.3.1 | cpe:/a:djangoproject:django:1.3.1::: |
| djangoproject | django | 1.3 | cpe:/a:djangoproject:django:1.3:alpha1:: |
| djangoproject | django | 1.3.2 | cpe:/a:djangoproject:django:1.3.2::: |
| djangoproject | django | 1.3 | cpe:/a:djangoproject:django:1.3:beta1:: |
Related
cvelist
cvelist
CVE-2013-0305
2013-05-02 14:00:00
github
github
Django Data leakage via admin history log
2022-05-05 02:48:46
debiancve
debiancve
CVE-2013-0305
2013-05-02 14:55:05
prion
prion
Information disclosure
2013-05-02 14:55:00
ubuntucve
ubuntucve
CVE-2013-0305
2013-02-20 00:00:00
osv
osv
PYSEC-2013-16
2013-05-02 14:55:00
Django Data leakage via admin history log
2022-05-05 02:48:46
python-django - several vulnerabilities
2013-02-27 00:00:00
nvd
nvd
CVE-2013-0305
2013-05-02 14:55:05
veracode
veracode
Information Disclosure Through Escalation Of Privileges
2019-01-15 09:00:39
gitlab
gitlab
Exposure of Sensitive Information to an Unauthorized Actor
2022-05-05 00:00:00
openvas
openvas
Fedora Update for python-django FEDORA-2013-2843
2013-03-15 00:00:00
Fedora Update for python-django FEDORA-2013-2843
2013-03-15 00:00:00
Debian: Security Advisory (DSA-2634-1)
2013-02-26 00:00:00
nessus
nessus
Fedora 17 : Django-1.4.5-1.fc17 (2013-2874)
2013-03-13 00:00:00
Fedora 18 : python-django-1.4.5-2.fc18 (2013-2843)
2013-03-13 00:00:00
seebug
seebug
Django 1.3/1.4 ćçťćĺĄĺ俥ćŻćłé˛ćźć´
2013-02-22 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: python-django-1.4.5-2.fc18
2013-03-12 08:49:59
[SECURITY] Fedora 17 Update: Django-1.4.5-1.fc17
2013-03-12 08:54:04
securityvulns
securityvulns
[SECURITY] [DSA 2634-1] python-django security update
2013-03-03 00:00:00
debian
debian
[SECURITY] [DSA 2634-1] python-django security update
2013-02-26 23:58:40
freebsd
freebsd
django -- multiple vulnerabilities
2013-02-21 00:00:00
redhat
redhat
(RHSA-2013:0670) Moderate: Django security update
2013-03-21 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2013-03-07 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.001
Percentile
48.5%
Related for CVE-2013-0305