CVE-2012-0215

model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) write, (3) delete, or (4) copy rpc call.

CVSS v2.0 5.5 MEDIUM

5.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:P

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.debian.org/security/2012/dsa-2444
http://news.tryton.org/2012/03/security-releases-for-all-supported.html	Vendor Advisory
https://bugs.tryton.org/issue2476
http://hg.tryton.org/trytond/rev/8e64d52ecea4	Exploit Patch

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tryton:trytond:2.0.5:::::::*
	cpe:2.3:a:tryton:trytond:1.8.7:::::::*
	cpe:2.3:a:tryton:trytond:1.4.13:::::::*
	cpe:2.3:a:tryton:trytond:1.6.8:::::::*
	cpe:2.3:a:tryton:trytond::::::::

Information

Published : 2012-07-12 13:55

Updated : 2012-08-08 21:00

NVD link : CVE-2012-0215

Mitre link : CVE-2012-0215

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Advertisement

Products Affected

tryton

trytond

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.debian.org/security/2012/dsa-2444", "name": "DSA-2444", "tags": [], "refsource": "DEBIAN"}, {"url": "http://news.tryton.org/2012/03/security-releases-for-all-supported.html", "name": "http://news.tryton.org/2012/03/security-releases-for-all-supported.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://bugs.tryton.org/issue2476", "name": "https://bugs.tryton.org/issue2476", "tags": [], "refsource": "CONFIRM"}, {"url": "http://hg.tryton.org/trytond/rev/8e64d52ecea4", "name": "http://hg.tryton.org/trytond/rev/8e64d52ecea4", "tags": ["Exploit", "Patch"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) write, (3) delete, or (4) copy rpc call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-0215", "ASSIGNER": "security@debian.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-07-12T20:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:tryton:trytond:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:tryton:trytond:1.8.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:tryton:trytond:1.4.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:tryton:trytond:1.6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:tryton:trytond:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.2.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-08-09T04:00Z"}