CVE-2008-6603 β€” Improper Access Control in Moinmoin

CWE-264CWE-284 β€” Improper Access Control10 documents5 sources
Severity
7.5HIGHNVD
NVD6.8GHSA6.8OSV6.8
EPSS
0.2%
top 56.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moinmo Moinmoin
Timeline
PublishedApr 3
Latest updateMay 17

Description

MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

β–ΆNVDmoinmo/moinmoin7 versions+6

πŸ”΄Vulnerability Details

6
OSV
MoinMoin Access Restrictions Bypassed due to improper ACL enforcement↗2022-05-17
β–Ά
GHSA
MoinMoin Access Restrictions Bypassed due to improper ACL enforcement↗2022-05-17
β–Ά
OSV
MoinMoin Improper Access Control vulnerability↗2022-05-02
β–Ά
GHSA
MoinMoin Improper Access Control vulnerability↗2022-05-02
β–Ά
OSV
CVE-2009-4762: MoinMoin 1β†—2010-03-29
β–Ά

πŸ“‹Vendor Advisories

1
Red Hat
moin: incorrect processing of hierarchic ACLs↗2008-04-12
β–Ά

πŸ’¬Community

1
Bugzilla
CVE-2008-6603 moin: incorrect processing of hierarchic ACLs↗2008-04-24
β–Ά
CVE-2008-6603 β€” Improper Access Control in Moinmoin | cvebase