9.3
HIGH

CVE-2011-1571

Published: 07/05/2011 Updated: 31/05/2011
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

Vulnerability Summary

Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Access Complexity: MEDIUM
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Affected Products

Vendor Product Versions
LiferayPortal5.0.0, 5.0.1, 5.1.0, 5.1.1, 5.1.2, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5

EDB Exploits

References