CVE-2010-0935
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
05/03/2010
Last modified:
08/03/2010
Description
Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:perforce:perforce_server:*:*:*:*:*:*:*:* | 2009.2 (including) | |
cpe:2.3:a:perforce:perforce_server:97.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:98.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:99.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:99.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2000.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2000.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2001.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2001.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2002.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2002.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2003.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2003.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2004.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:perforce:perforce_server:2005.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page