What is the severity of CVE-2010-0288?

CVE-2010-0288 is rated as medium severity due to its potential to allow unauthorized access to closed wikis.

How do I fix CVE-2010-0288?

To resolve CVE-2010-0288, update DokuWiki to version 2009-12-25b or later, which addresses this vulnerability.

What kind of attacks does CVE-2010-0288 enable?

CVE-2010-0288 allows remote attackers to gain elevated privileges and access restricted areas of the wiki.

Which versions of DokuWiki are affected by CVE-2010-0288?

CVE-2010-0288 affects all versions of DokuWiki prior to version 2009-12-25b.

Is there a patch available for CVE-2010-0288?

Yes, the patch for CVE-2010-0288 is included in the DokuWiki update to version 2009-12-25b.

Vulnerability/
CVE-2010-0288

high

7.5

CWE

264

15/2/2010

7/8/2024

CVE-2010-0288

First published: Mon Feb 15 2010(Updated: )

A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
DokuWiki	<=release_2009-02-14
DokuWiki	=2006-03-05
DokuWiki	=2005-09-19
DokuWiki	=2005-07-13
DokuWiki	=2005-09-22
DokuWiki	=2006-03-09
DokuWiki	=2005-07-01
DokuWiki	=2004-07-04
DokuWiki	=2004-07-07
DokuWiki	=2004-07-12
DokuWiki	=2004-07-21
DokuWiki	=2004-07-25
DokuWiki	=2004-08-08
DokuWiki	=2004-08-15a
DokuWiki	=2004-08-22
DokuWiki	=2004-09-12
DokuWiki	=2004-09-25
DokuWiki	=2004-09-30
DokuWiki	=2004-11-01
DokuWiki	=2004-11-02
DokuWiki	=2004-11-10
DokuWiki	=2005-01-14
DokuWiki	=2005-01-15
DokuWiki	=2005-01-16a
DokuWiki	=2005-02-06
DokuWiki	=2005-02-18
DokuWiki	=2005-05-07
DokuWiki	=2006-03-09e
DokuWiki	=2006-06-04

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0288?
CVE-2010-0288 is rated as medium severity due to its potential to allow unauthorized access to closed wikis.
How do I fix CVE-2010-0288?
To resolve CVE-2010-0288, update DokuWiki to version 2009-12-25b or later, which addresses this vulnerability.
What kind of attacks does CVE-2010-0288 enable?
CVE-2010-0288 allows remote attackers to gain elevated privileges and access restricted areas of the wiki.
Which versions of DokuWiki are affected by CVE-2010-0288?
CVE-2010-0288 affects all versions of DokuWiki prior to version 2009-12-25b.
Is there a patch available for CVE-2010-0288?
Yes, the patch for CVE-2010-0288 is included in the DokuWiki update to version 2009-12-25b.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/dokuwiki
canonical/dokuwiki
version/dokuwiki/release_2009-02-14
version/dokuwiki/2006-03-05
version/dokuwiki/2005-09-19
version/dokuwiki/2005-07-13
version/dokuwiki/2005-09-22
version/dokuwiki/2006-03-09
version/dokuwiki/2005-07-01
version/dokuwiki/2004-07-04
version/dokuwiki/2004-07-07
version/dokuwiki/2004-07-12
version/dokuwiki/2004-07-21
version/dokuwiki/2004-07-25
version/dokuwiki/2004-08-08
version/dokuwiki/2004-08-15a
version/dokuwiki/2004-08-22
version/dokuwiki/2004-09-12
version/dokuwiki/2004-09-25
version/dokuwiki/2004-09-30
version/dokuwiki/2004-11-01
version/dokuwiki/2004-11-02
version/dokuwiki/2004-11-10
version/dokuwiki/2005-01-14
version/dokuwiki/2005-01-15
version/dokuwiki/2005-01-16a
version/dokuwiki/2005-02-06
version/dokuwiki/2005-02-18
version/dokuwiki/2005-05-07
version/dokuwiki/2006-03-09e
version/dokuwiki/2006-06-04