Main Vulnerability Database Vulnerabilities #VU13874

Privilege escalation in Kunena - #VU13874

Published: July 16, 2018

Vulnerability identifier: #VU13874

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-264

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Kunena

Software vendor:
The Kunena Project

Description

The vulnerability allows an adjacent attacker to gain elevated privileges on the target system.

The weakness exists due to unspecified flaw. An adjacent attacker can gain full privileges on a users uploaded attachments.

Remediation

Update to version 5.1.2.

External links

https://www.kunena.org/blog/194-kunena-5-1-2-released

Privilege escalation in Kunena - #VU13874

Description

Remediation

External links

Please verify you're human