CVE-2013-7061

Published: May 2, 2014Modified: May 6, 2026

5.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability: 8.0 / Impact: 4.9

Source: NVD

Description

Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.

Affected (33)

Products: Plone: Plone

Plone

1 product

Plone

Configuration A

33 vulnerable

Vulnerable Software	Affected Versions
Plone Plone	Version 3.3.1
Plone Plone	Version 3.3.2
Plone Plone	Version 3.3.3
Plone Plone	Version 3.3.4
Plone Plone	Version 3.3.5
Plone Plone	Version 3.3.6
Plone Plone	Version 3.3
Plone Plone	Version 4.0.1
Plone Plone	Version 4.0.2
Plone Plone	Version 4.0.3
Plone Plone	Version 4.0.4
Plone Plone	Version 4.0.5
Plone Plone	Version 4.0.7
Plone Plone	Version 4.0.9
Plone Plone	Version 4.0
Plone Plone	Version 4.1.1
Plone Plone	Version 4.1.2
Plone Plone	Version 4.1.3
Plone Plone	Version 4.1.4
Plone Plone	Version 4.1.5
Plone Plone	Version 4.1.6
Plone Plone	Version 4.1
Plone Plone	Version 4.2.1
Plone Plone	Version 4.2.2
Plone Plone	Version 4.2.3
Plone Plone	Version 4.2.4
Plone Plone	Version 4.2.5
Plone Plone	Version 4.2.6
Plone Plone	Version 4.2.7
Plone Plone	Version 4.2
Plone Plone	Version 4.3.1
Plone Plone	Version 4.3.2
Plone Plone	Version 4.3