Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-2701HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-2701
2022-10-0316:24:07
Debian Security Bug Tracker
security-tracker.debian.org
5
zope enterprise objects
zeo storage-server
zope object database
remote authenticated users
arbitrary files
unix
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.2%
Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope Object Database (ZODB) 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via unknown vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | zodb | < 1:3.9.0-1 | zodb_1:3.9.0-1_all.deb |
Related
cve
cve
CVE-2009-2701
2022-10-03 16:24:07
ubuntucve
ubuntucve
CVE-2009-2701
2009-09-08 00:00:00
nvd
nvd
CVE-2009-2701
2009-09-08 18:30:00
cvelist
cvelist
CVE-2009-2701
2022-10-03 16:24:07
osv
osv
PYSEC-2009-10
2009-09-08 18:30:00
Zope Object Database (ZODB) Arbitrary files reading and deletion
2022-05-02 03:37:58
prion
prion
Design/Logic Flaw
2009-09-08 18:30:00
github
github
Zope Object Database (ZODB) Arbitrary files reading and deletion
2022-05-02 03:37:58
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.2%
Related for DEBIANCVE:CVE-2009-2701