CVE-2019-14273

Published: Sep 26, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

In SilverStripe assets 4.0, there is broken access control on files.

Affected (1)

Products: Silverstripe: Silverstripe

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Silverstripe Silverstripe	Up to 4.0.0

Related CWEs

Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

References (8)

https://forum.silverstripe.org/c/releases

Source: cve@mitre.org

Release NotesVendor Advisory

https://www.silverstripe.org/blog/tag/release

Source: cve@mitre.org

Release NotesVendor Advisory

https://www.silverstripe.org/download/security-releases/

Source: cve@mitre.org

Vendor Advisory

https://www.silverstripe.org/download/security-releases/CVE-2019-14273

Source: cve@mitre.org

Vendor Advisory

https://forum.silverstripe.org/c/releases

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://www.silverstripe.org/blog/tag/release

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://www.silverstripe.org/download/security-releases/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.silverstripe.org/download/security-releases/CVE-2019-14273

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.