Skip to main content

Uportal

2 CVEs product

Monthly

CVE-2014-3417 MEDIUM PATCH This Month

uPortal before 4.0.13.1 does not properly check the CONFIG permission, which allows remote authenticated users to configure portlets by leveraging the SUBSCRIBE permission for a portlet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Uportal
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2014-3416 MEDIUM PATCH This Month

uPortal before 4.0.13.1 does not properly check the MANAGE permissions, which allows remote authenticated users to manage arbitrary portlets by leveraging the SUBSCRIBE permission for the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Uportal
NVD
CVSS 2.0
6.5
EPSS
0.3%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

uPortal before 4.0.13.1 does not properly check the CONFIG permission, which allows remote authenticated users to configure portlets by leveraging the SUBSCRIBE permission for a portlet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Uportal
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

uPortal before 4.0.13.1 does not properly check the MANAGE permissions, which allows remote authenticated users to manage arbitrary portlets by leveraging the SUBSCRIBE permission for the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Uportal
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy