CVE-2005-4854 : eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which all

eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.

Published 2005-12-31 05:00:00

Updated 2015-07-28 14:55:23

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2005-4854

Probability of exploitation activity in the next 30 days: 0.20%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 56 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-4854

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2005-4854

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2005-4854

Products affected by CVE-2005-4854

EZ » Ez Publish » Version: 3.5.0
cpe:2.3:a:ez:ez_publish:3.5.0:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.1
cpe:2.3:a:ez:ez_publish:3.5.1:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.2
cpe:2.3:a:ez:ez_publish:3.5.2:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.3
cpe:2.3:a:ez:ez_publish:3.5.3:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.4
cpe:2.3:a:ez:ez_publish:3.5.4:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.5
cpe:2.3:a:ez:ez_publish:3.5.5:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.6
cpe:2.3:a:ez:ez_publish:3.6.6:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.7
cpe:2.3:a:ez:ez_publish:3.6.7:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.8
cpe:2.3:a:ez:ez_publish:3.6.8:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.9
cpe:2.3:a:ez:ez_publish:3.6.9:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.1
cpe:2.3:a:ez:ez_publish:3.6.1:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.10
cpe:2.3:a:ez:ez_publish:3.6.10:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.11
cpe:2.3:a:ez:ez_publish:3.6.11:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.12
cpe:2.3:a:ez:ez_publish:3.6.12:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.12
cpe:2.3:a:ez:ez_publish:3.7.12:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.2
cpe:2.3:a:ez:ez_publish:3.7.2:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.3
cpe:2.3:a:ez:ez_publish:3.7.3:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.4
cpe:2.3:a:ez:ez_publish:3.7.4:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.11
cpe:2.3:a:ez:ez_publish:3.5.11:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.6
cpe:2.3:a:ez:ez_publish:3.5.6:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.8
cpe:2.3:a:ez:ez_publish:3.5.8:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.0
cpe:2.3:a:ez:ez_publish:3.6.0:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.2
cpe:2.3:a:ez:ez_publish:3.6.2:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.4
cpe:2.3:a:ez:ez_publish:3.6.4:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.1
cpe:2.3:a:ez:ez_publish:3.7.1:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.11
cpe:2.3:a:ez:ez_publish:3.7.11:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.5
cpe:2.3:a:ez:ez_publish:3.7.5:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.7
cpe:2.3:a:ez:ez_publish:3.7.7:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.9
cpe:2.3:a:ez:ez_publish:3.7.9:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.10
cpe:2.3:a:ez:ez_publish:3.5.10:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.7
cpe:2.3:a:ez:ez_publish:3.5.7:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.5.9
cpe:2.3:a:ez:ez_publish:3.5.9:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.3
cpe:2.3:a:ez:ez_publish:3.6.3:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.6.5
cpe:2.3:a:ez:ez_publish:3.6.5:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.0
cpe:2.3:a:ez:ez_publish:3.7.0:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.10
cpe:2.3:a:ez:ez_publish:3.7.10:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.6
cpe:2.3:a:ez:ez_publish:3.7.6:*:*:*:*:*:*:*
Matching versions
EZ » Ez Publish » Version: 3.7.8
cpe:2.3:a:ez:ez_publish:3.7.8:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-4854

Exploit prediction scoring system (EPSS) score for CVE-2005-4854

CVSS scores for CVE-2005-4854

CWE ids for CVE-2005-4854

References for CVE-2005-4854

Products affected by CVE-2005-4854