First published: Tue Sep 24 2019(Updated: )
CVE-2019-12617: Access escalation for CMS users with limited access through permission cache pollution
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/silverstripe/framework | >=4.3.0<4.3.5>=4.4.0<4.4.4 | |
Silverstripe silverstripe | <=4.3.3 | |
composer/silverstripe/framework | >=4.3.0<4.3.5 | 4.3.5 |
composer/silverstripe/framework | >=4.4.0<4.4.4 | 4.4.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-12617 is low with a severity value of 2.7.
CVE-2019-12617 affects SilverStripe versions 4.3.0 to 4.3.5 and 4.4.0 to 4.4.4.
The remedy for CVE-2019-12617 in SilverStripe is to upgrade to version 4.3.6 or 4.4.4.
Yes, you can download the fix for CVE-2019-12617 from the SilverStripe website.
You can find more information about CVE-2019-12617 on the SilverStripe website and the NVD website.