6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.2%
Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope Object Database (ZODB) 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via unknown vectors.
pypi.python.org/pypi/ZODB3/3.8.3
pypi.python.org/pypi/ZODB3/3.9.0c2
www.vupen.com/english/advisories/2009/2534
github.com/advisories/GHSA-m52m-2qpx-9j4j
github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-10.yaml
mail.zope.org/pipermail/zope-announce/2009-September/002221.html
nvd.nist.gov/vuln/detail/CVE-2009-2701