Vulnerabilities > CVE-2020-26246 - Improper Preservation of Permissions vulnerability in Pimcore

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
pimcore
CWE-281

Summary

Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions.

Vulnerable Configurations

Part Description Count
Application
Pimcore
135

Common Weakness Enumeration (CWE)