CVE-2011-3587
Zope Command Execution Vulnerability
EPSS 90.5%
Description
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the `p_` class in `OFS/misc_.py` and the use of Python modules.
How to fix CVE-2011-3587
To remediate CVE-2011-3587, upgrade the affected package to a fixed version listed below.
- PyPI/zope2: upgrade to 2.12.20 or later
Is CVE-2011-3587 being exploited?
Likely — EPSS is 90.5%, placing CVE-2011-3587 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- PyPI/zope2: >= 2.12.0, < 2.12.20