← Volver a CVEs
CVE-2014-6276
N/ADescripcion
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado4/13/2016
Ultima modificacion4/12/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
debian:debian_linuxroundup-tracker:roundup
Debilidades (CWE)
CWE-264
Referencias
http://hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9(security@debian.org)
http://www.debian.org/security/2016/dsa-3502(security@debian.org)
https://sourceforge.net/p/roundup/code/ci/tip/tree/CHANGES.txt(security@debian.org)
http://hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3502(af854a3a-2127-422b-91ae-364da2661108)
https://sourceforge.net/p/roundup/code/ci/tip/tree/CHANGES.txt(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.