CVE-2014-125054

Published: Jan 7, 2023Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

A vulnerability classified as critical was found in koroket RedditOnRails. This vulnerability affects unknown code of the component Vote Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The patch is identified as 7f3c7407d95d532fcc342b00d68d0ea09ca71030. It is recommended to apply a patch to fix this issue. VDB-217594 is the identifier assigned to this vulnerability.

Affected (1)

Products: Reddit On Rails Project: Reddit On Rails

Reddit On Rails Project

1 product

Reddit On Rails

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Reddit On Rails Project Reddit On Rails	Before 2014-12-19

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030

Source: cna@vuldb.com

PatchThird Party Advisory

https://vuldb.com/?ctiid.217594

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?id.217594

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://vuldb.com/?ctiid.217594

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://vuldb.com/?id.217594

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.