CVE-2017-1000489

Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address
References
Link Resource
https://github.com/mautic/mautic/releases/tag/2.12.0 Issue Tracking Mitigation Release Notes Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:acquia:mautic:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.9.0:beta:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.10.0:beta:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:2.11.0:beta:*:*:*:*:*:*
cpe:2.3:a:mautic:mautic:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:mautic:mautic:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mautic:mautic:2.10.0:*:*:*:*:*:*:*
cpe:2.3:a:mautic:mautic:2.11.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-01-03 17:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-1000489

Mitre link : CVE-2017-1000489

CVE.ORG link : CVE-2017-1000489


JSON object : View

Products Affected

mautic

  • mautic

acquia

  • mautic
CWE
CWE-287

Improper Authentication