CVE-2009-4762
MoinMoin Improper Access Control vulnerability
CVSS 3.1: 7.5 (HIGH)
EPSS 0.68%
Description
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
How to fix CVE-2009-4762
To remediate CVE-2009-4762, upgrade the affected package to a fixed version below.
- upgrade to 1.9.2-1 or later
- upgrade to 1.7.3 or later
- upgrade to 1.7.3 or later
Is CVE-2009-4762 being exploited?
Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 1.9.2-1
- >= 1.7.0, < 1.7.3
- >= 1.7, < 1.7.3; >= 1.8, < 1.8.3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |