Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2011-2676
Deferred
More InfoOfficial Page
Source-vultures@jpcert.or.jp
View Known Exploited Vulnerability (KEV) details
Published At-03 Nov, 2011 | 10:55
Updated At-11 Apr, 2025 | 00:51

The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.5MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
CPE Matches
ark-web
ark-web
>>a-form>>Versions up to 1.3.5(inclusive)
cpe:2.3:a:ark-web:a-form:*:*:*:*:*:*:*:*
ark-web
ark-web
>>a-form>>2.0.2
cpe:2.3:a:ark-web:a-form:2.0.2:*:*:*:*:*:*:*
ark-web
ark-web
>>a-form_bamboo>>1.3.5
cpe:2.3:a:ark-web:a-form_bamboo:1.3.5:*:*:*:*:*:*:*
ark-web
ark-web
>>a-form_bamboo>>2.0.2
cpe:2.3:a:ark-web:a-form_bamboo:2.0.2:*:*:*:*:*:*:*
ark-web
ark-web
>>a-form_pc>>Versions up to 3.0(inclusive)
cpe:2.3:a:ark-web:a-form_pc:*:*:*:*:*:*:*:*
ark-web
ark-web
>>a-form_pc_mobile>>Versions up to 3.0(inclusive)
cpe:2.3:a:ark-web:a-form_pc_mobile:*:*:*:*:*:*:*:*
six_apart
six_apart
>>movable_type>>*
cpe:2.3:a:six_apart:movable_type:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://jvn.jp/en/jp/JVN34980730/index.htmlvultures@jpcert.or.jp
N/A
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000078vultures@jpcert.or.jp
N/A
http://www.ark-web.jp/movabletype/a-form/docs/security_patch.htmlvultures@jpcert.or.jp
Patch
http://www.ark-web.jp/movabletype/blog/2011/09/aform_update110927.htmlvultures@jpcert.or.jp
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/70408vultures@jpcert.or.jp
N/A
http://jvn.jp/en/jp/JVN34980730/index.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000078af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ark-web.jp/movabletype/a-form/docs/security_patch.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.ark-web.jp/movabletype/blog/2011/09/aform_update110927.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/70408af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found