CVE-2011-2674

medium

Published 2011-10-02 · Modified 2024-01-15

CVSS v3

—

CVSS v2

4.9

VIR risk

4.9

Description

BaserCMS privilege escallation

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Package impact

Ecosystem	Package	Vulnerable	Fixed
Packagist	baserproject/basercms	`<1.6.12`	`1.6.12`

Application impact

Vendor	Product	Versions	Fixed
basercms	basercms	`{"endIncluding":"1.6.11.4"}`
basercms	basercms	`1.5.4`
basercms	basercms	`1.5.5`
basercms	basercms	`1.5.6`
basercms	basercms	`1.5.7`
basercms	basercms	`1.5.8`
basercms	basercms	`1.5.9`
basercms	basercms	`1.6.0`
basercms	basercms	`1.6.1`
basercms	basercms	`1.6.2`
basercms	basercms	`1.6.3`
basercms	basercms	`1.6.4`
basercms	basercms	`1.6.5`
basercms	basercms	`1.6.6`
basercms	basercms	`1.6.7`
basercms	basercms	`1.6.7.1`
basercms	basercms	`1.6.8`
basercms	basercms	`1.6.9`
basercms	basercms	`1.6.9.1`
basercms	basercms	`1.6.10`
basercms	basercms	`1.6.11`
basercms	basercms	`1.6.11.1`
basercms	basercms	`1.6.11.2`
basercms	basercms	`1.6.11.3`

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.