Vulnerabilities > CVE-2006-4247 - Remote Security vulnerability in Plone

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

plone

NVD

Published: 2006-09-29

Updated: 2008-09-05

Summary

Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."

Vulnerable Configurations

Part	Description	Count
Application	Plone Plone Plone 2.5 Plone Plone 2.5.1_Rc	2

References

http://plone.org/about/security/advisories/cve-2006-4247