6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
71.7%
SetucoCMS provided by SetucoCMS Project is a content management system (CMS). SetucoCMS contains multiple vulnerabilities listed below.
Cross-site request forgery - CVE-2016-4891
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | Base Score: 5.4 |
CVSS v2 | AV:N/AC:H/Au:N/C:P/I:P/A:N | Base Score: 4.0 |
Cross-site scripting - CVE-2016-4892
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | Base Score: 6.1 |
CVSS v2 | AV:N/AC:M/Au:N/C:N/I:P/A:N | Base Score: 4.3 |
SQL injection - CVE-2016-4893
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | Base Score: 6.3 |
CVSS v2 | AV:N/AC:L/Au:S/C:P/I:P/A:P | Base Score: 6.5 |
Denial-of-service (DoS) - CVE-2016-4894
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | Base Score: 5.3 |
CVSS v2 | AV:N/AC:L/Au:N/C:N/I:N/A:P | Base Score: 5.0 |
Code injection - CVE-2016-4895
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | Base Score: 6.3 |
CVSS v2 | AV:N/AC:L/Au:S/C:P/I:P/A:P | Base Score: 6.5 |
Session management - CVE-2016-4896
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N | Base Score: 4.2 |
CVSS v2 | AV:N/AC:H/Au:N/C:P/I:P/A:N | Base Score: 4.0 |
The impact of each vulnerability is as follows.
Do not use SetucoCMS
SetucoCMS is no longer being developed or maintained.
It is recommended to stop using SetucoCMS.
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
71.7%