Sitecore CMS Staging Service 'api.asmx' Authentication Bypass Vulnerability

Bugtraq ID: 37388
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Dec 17 2009 12:00AM
Updated: Dec 18 2009 10:53PM
Credit: Lukas Weichselbaum from SEC Consult
Vulnerable: Sitecore Sitecore CMS 5.4 rev 080625
Sitecore Sitecore CMS 5.3.2 rev. 090212
Sitecore Sitecore CMS 5.3.2 rev. 081002
Sitecore Sitecore CMS 5.3.1 rev. 071114
Not Vulnerable: Sitecore Sitecore CMS 5.4 rev 091111


 

Privacy Statement
Copyright 2010, SecurityFocus