CVE-2011-1571

{"id": "CVE-2011-1571", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-05-07T19:55:01.120", "references": [{"url": "http://issues.liferay.com/browse/LPS-14726", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952", "tags": ["Release Notes", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2011/03/29/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2011/04/08/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2011/04/11/9", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en XSL Content portlet en Liferay Portal Community Edition (CE) v5.x y v6.x anterior a v6.0.6 GA, cuando Apache Tomcat es utilizado, permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de vectores desconocidos."}], "lastModified": "2020-07-23T18:27:18.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "8AEE2383-4164-4729-8A51-EC4F5C4CB086", "versionEndIncluding": "5.1.2", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "36D6FB97-DA02-4BE8-9546-2676F79BD9BA", "versionEndIncluding": "6.0.5", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}