Vulnerabilities > CVE-2009-1055 - Unspecified vulnerability in Sitecore CMS 5.3.0/5.3.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sitecore
nessus
Summary
Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, via unknown vectors related to SOAP and XML requests.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family | CGI abuses |
NASL id | SITECORE_INFO_DISCLOSURE.NASL |
description | The remote host is running a version of Sitecore CMS which is reportedly affected by an information disclosure vulnerability. An attacker could exploit this in order to gain unauthorized access to security databases. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 36018 |
published | 2009-03-26 |
reporter | This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/36018 |
title | Sitecore CMS < 5.3.2 rev. 090212 Web Service Security Database Information Disclosure |
code |
|
References
- http://www.vupen.com/english/advisories/2009/0753
- http://www.securityfocus.com/bid/34162
- http://secunia.com/advisories/34356
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49298
- http://www.securityfocus.com/archive/1/501929/100/0/threaded
- http://sdn5.sitecore.net/Products/Sitecore%20V5/Sitecore%20CMS%205%2C-d-%2C3/ReleaseNotes/V5%2C-d-%2C3%2C-d-%2C2/ChangeLog.aspx