Vulnerability Details CVE-2009-0669
Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
- http://osvdb.org/56826
- http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
- http://secunia.com/advisories/36204
- http://secunia.com/advisories/36205
- http://www.securityfocus.com/bid/35987
- http://www.vupen.com/english/advisories/2009/2217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52379
- http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
- http://osvdb.org/56826
- http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
- http://secunia.com/advisories/36204
- http://secunia.com/advisories/36205
- http://www.securityfocus.com/bid/35987
- http://www.vupen.com/english/advisories/2009/2217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52379