CVE-2000-0483

CWE-287Improper Authentication6 documents6 sources
Severity
7.5HIGH
EPSS
1.5%
top 19.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Redhat Linux PowertoolsZope Zope
Timeline
PublishedJun 15
Latest updateMay 3

Description

The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

PyPIzope2.2
NVDzope/zope1.10.3, 2.1.1, 2.1.7+2
NVDredhat/linux_powertools6.1, 6.2+1

Patches

Patch: archives.neohapsis.comPatch: www.zope.orgPatch: archives.neohapsis.com

🔴Vulnerability Details

3
GHSA
Zope DocumentTemplate package allows unauthenticated write2022-05-03
OSV
Zope DocumentTemplate package allows unauthenticated write2022-05-03
CVEList
CVE-2000-0483: The DocumentTemplate package in Zope 22000-10-13

📋Vendor Advisories

1
Red Hat
security flaw2000-06-15

💬Community

1
Bugzilla
CVE-2000-0483 security flaw2018-08-16
CVE-2000-0483 (HIGH CVSS 7.5) | The DocumentTemplate package in Zop | cvebase.io