CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12300

Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 5.0

References

Products affected by CVE-2019-12300

Buildbot » Buildbot » Version: 0.9.0

cpe:2.3:a:buildbot:buildbot:0.9.0
Buildbot » Buildbot » Version: 0.9.1

cpe:2.3:a:buildbot:buildbot:0.9.1
Buildbot » Buildbot » Version: 0.9.10

cpe:2.3:a:buildbot:buildbot:0.9.10
Buildbot » Buildbot » Version: 0.9.11

cpe:2.3:a:buildbot:buildbot:0.9.11
Buildbot » Buildbot » Version: 0.9.12

cpe:2.3:a:buildbot:buildbot:0.9.12
Buildbot » Buildbot » Version: 0.9.13

cpe:2.3:a:buildbot:buildbot:0.9.13
Buildbot » Buildbot » Version: 0.9.14

cpe:2.3:a:buildbot:buildbot:0.9.14
Buildbot » Buildbot » Version: 0.9.15

cpe:2.3:a:buildbot:buildbot:0.9.15
Buildbot » Buildbot » Version: 0.9.2

cpe:2.3:a:buildbot:buildbot:0.9.2
Buildbot » Buildbot » Version: 0.9.3

cpe:2.3:a:buildbot:buildbot:0.9.3
Buildbot » Buildbot » Version: 0.9.4

cpe:2.3:a:buildbot:buildbot:0.9.4
Buildbot » Buildbot » Version: 0.9.5

cpe:2.3:a:buildbot:buildbot:0.9.5
Buildbot » Buildbot » Version: 0.9.6

cpe:2.3:a:buildbot:buildbot:0.9.6
Buildbot » Buildbot » Version: 0.9.7

cpe:2.3:a:buildbot:buildbot:0.9.7
Buildbot » Buildbot » Version: 0.9.8

cpe:2.3:a:buildbot:buildbot:0.9.8
Buildbot » Buildbot » Version: 0.9.9

cpe:2.3:a:buildbot:buildbot:0.9.9
Buildbot » Buildbot » Version: 1.0.0

cpe:2.3:a:buildbot:buildbot:1.0.0
Buildbot » Buildbot » Version: 1.1.0

cpe:2.3:a:buildbot:buildbot:1.1.0
Buildbot » Buildbot » Version: 1.1.1

cpe:2.3:a:buildbot:buildbot:1.1.1
Buildbot » Buildbot » Version: 1.1.2

cpe:2.3:a:buildbot:buildbot:1.1.2
Buildbot » Buildbot » Version: 1.2.0

cpe:2.3:a:buildbot:buildbot:1.2.0
Buildbot » Buildbot » Version: 1.3.0

cpe:2.3:a:buildbot:buildbot:1.3.0
Buildbot » Buildbot » Version: 1.4.0

cpe:2.3:a:buildbot:buildbot:1.4.0
Buildbot » Buildbot » Version: 1.5.0

cpe:2.3:a:buildbot:buildbot:1.5.0
Buildbot » Buildbot » Version: 1.6.0

cpe:2.3:a:buildbot:buildbot:1.6.0
Buildbot » Buildbot » Version: 1.7.0

cpe:2.3:a:buildbot:buildbot:1.7.0
Buildbot » Buildbot » Version: 1.8.0

cpe:2.3:a:buildbot:buildbot:1.8.0
Buildbot » Buildbot » Version: 1.8.1

cpe:2.3:a:buildbot:buildbot:1.8.1
Buildbot » Buildbot » Version: 2.0.0

cpe:2.3:a:buildbot:buildbot:2.0.0
Buildbot » Buildbot » Version: 2.0.1

cpe:2.3:a:buildbot:buildbot:2.0.1
Buildbot » Buildbot » Version: 2.1.0

cpe:2.3:a:buildbot:buildbot:2.1.0
Buildbot » Buildbot » Version: 2.2.0

cpe:2.3:a:buildbot:buildbot:2.2.0
Buildbot » Buildbot » Version: 2.3.0

cpe:2.3:a:buildbot:buildbot:2.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12300

Products

Pricing

Contact Us