VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-n45x-dafe-aaam

Essentials
Severities (130)
References (37)
Severity details (47)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-n45x-dafe-aaam
Aliases	CVE-2011-0696 GHSA-5j2h-h5hg-3wf8 PYSEC-2011-10
Summary	Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a "combination of browser plugins and redirects," a related issue to CVE-2011-0447.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-352	Cross-Site Request Forgery (CSRF)
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1	6.1	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054207.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054207.html
cvssv3.1	6.1	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054208.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054208.html
cvssv3.1	9.1	http://openwall.com/lists/oss-security/2011/02/09/6
generic_textual	CRITICAL	http://openwall.com/lists/oss-security/2011/02/09/6
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.01453	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
epss	0.0275	https://api.first.org/data/v1/epss?cve=CVE-2011-0696
cvssv3.1	7.5	https://bugzilla.redhat.com/show_bug.cgi?id=676357
generic_textual	HIGH	https://bugzilla.redhat.com/show_bug.cgi?id=676357
cvssv3.1	7.5	http://secunia.com/advisories/43230
generic_textual	HIGH	http://secunia.com/advisories/43230
cvssv3.1	7.5	http://secunia.com/advisories/43297
generic_textual	HIGH	http://secunia.com/advisories/43297
cvssv3.1	7.5	http://secunia.com/advisories/43382
generic_textual	HIGH	http://secunia.com/advisories/43382
cvssv3.1	7.5	http://secunia.com/advisories/43426
generic_textual	HIGH	http://secunia.com/advisories/43426
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-5j2h-h5hg-3wf8
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-5j2h-h5hg-3wf8
cvssv3.1	3.7	https://github.com/django/django
generic_textual	MODERATE	https://github.com/django/django
cvssv3.1	7.5	https://github.com/django/django/commit/408c5c873ce1437c7eee9544ff279ecbad7e150a
generic_textual	HIGH	https://github.com/django/django/commit/408c5c873ce1437c7eee9544ff279ecbad7e150a
cvssv3.1	7.5	https://github.com/django/django/commit/818e70344e7193f6ebc73c82ed574e6ce3c91afc
generic_textual	HIGH	https://github.com/django/django/commit/818e70344e7193f6ebc73c82ed574e6ce3c91afc
cvssv3.1	7.5	https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-10.yaml
generic_textual	HIGH	https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-10.yaml
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2011-0696
cvssv3.1	6.1	http://www.debian.org/security/2011/dsa-2163
generic_textual	MODERATE	http://www.debian.org/security/2011/dsa-2163
cvssv3.1	9.1	http://www.djangoproject.com/weblog/2011/feb/08/security
generic_textual	CRITICAL	http://www.djangoproject.com/weblog/2011/feb/08/security
cvssv3.1	9.1	http://www.mandriva.com/security/advisories?name=MDVSA-2011:031
generic_textual	CRITICAL	http://www.mandriva.com/security/advisories?name=MDVSA-2011:031
cvssv3.1	7.5	http://www.securityfocus.com/bid/46296
generic_textual	HIGH	http://www.securityfocus.com/bid/46296
cvssv3.1	6.1	http://www.ubuntu.com/usn/USN-1066-1
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-1066-1
cvssv3.1	7.5	http://www.vupen.com/english/advisories/2011/0372
generic_textual	HIGH	http://www.vupen.com/english/advisories/2011/0372
cvssv3.1	7.5	http://www.vupen.com/english/advisories/2011/0388
generic_textual	HIGH	http://www.vupen.com/english/advisories/2011/0388
cvssv3.1	7.5	http://www.vupen.com/english/advisories/2011/0429
generic_textual	HIGH	http://www.vupen.com/english/advisories/2011/0429
cvssv3.1	7.5	http://www.vupen.com/english/advisories/2011/0439
generic_textual	HIGH	http://www.vupen.com/english/advisories/2011/0439
cvssv3.1	7.5	http://www.vupen.com/english/advisories/2011/0441
generic_textual	HIGH	http://www.vupen.com/english/advisories/2011/0441

Reference id	Reference type	URL
		http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054207.html
		http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054208.html
		http://openwall.com/lists/oss-security/2011/02/09/6
		https://api.first.org/data/v1/epss?cve=CVE-2011-0696
		https://bugzilla.redhat.com/show_bug.cgi?id=676357
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0696
		http://secunia.com/advisories/43230
		http://secunia.com/advisories/43297
		http://secunia.com/advisories/43382
		http://secunia.com/advisories/43426
		https://github.com/django/django
		https://github.com/django/django/commit/408c5c873ce1437c7eee9544ff279ecbad7e150a
		https://github.com/django/django/commit/818e70344e7193f6ebc73c82ed574e6ce3c91afc
		https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-10.yaml
		http://www.debian.org/security/2011/dsa-2163
		http://www.djangoproject.com/weblog/2011/feb/08/security
		http://www.djangoproject.com/weblog/2011/feb/08/security/
		http://www.mandriva.com/security/advisories?name=MDVSA-2011:031
		http://www.securityfocus.com/bid/46296
		http://www.ubuntu.com/usn/USN-1066-1
		http://www.vupen.com/english/advisories/2011/0372
		http://www.vupen.com/english/advisories/2011/0388
		http://www.vupen.com/english/advisories/2011/0429
		http://www.vupen.com/english/advisories/2011/0439
		http://www.vupen.com/english/advisories/2011/0441
cpe:2.3:a:djangoproject:django:1.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1:::::::*
cpe:2.3:a:djangoproject:django:1.1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1.0:::::::*
cpe:2.3:a:djangoproject:django:1.1.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1.2:::::::*
cpe:2.3:a:djangoproject:django:1.1.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1.3:::::::*
cpe:2.3:a:djangoproject:django:1.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2:::::::*
cpe:2.3:a:djangoproject:django:1.2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.1:::::::*
cpe:2.3:a:djangoproject:django:1.2.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.2:::::::*
cpe:2.3:a:djangoproject:django:1.2.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.3:::::::*
cpe:2.3:a:djangoproject:django:1.2.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.4:::::::*
CVE-2011-0696		https://nvd.nist.gov/vuln/detail/CVE-2011-0696
GHSA-5j2h-h5hg-3wf8		https://github.com/advisories/GHSA-5j2h-h5hg-3wf8
USN-1066-1		https://usn.ubuntu.com/1066-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054207.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054208.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Found at http://openwall.com/lists/oss-security/2011/02/09/6

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=676357

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://secunia.com/advisories/43230

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://secunia.com/advisories/43297

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://secunia.com/advisories/43382

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://secunia.com/advisories/43426

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/django/django

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/django/django/commit/408c5c873ce1437c7eee9544ff279ecbad7e150a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/django/django/commit/818e70344e7193f6ebc73c82ed574e6ce3c91afc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-10.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2011-0696

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at http://www.debian.org/security/2011/dsa-2163

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Found at http://www.djangoproject.com/weblog/2011/feb/08/security

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Found at http://www.mandriva.com/security/advisories?name=MDVSA-2011:031

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.securityfocus.com/bid/46296

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at http://www.ubuntu.com/usn/USN-1066-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.vupen.com/english/advisories/2011/0372

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.vupen.com/english/advisories/2011/0388

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.vupen.com/english/advisories/2011/0429

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.vupen.com/english/advisories/2011/0439

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.vupen.com/english/advisories/2011/0441

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.73506
EPSS Score	0.00381
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.