Liferay Portal Security Bypass Vulnerability
BID:53186
Info
Liferay Portal Security Bypass Vulnerability
| Bugtraq ID: | 53186 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 20 2012 12:00AM |
| Updated: | Apr 20 2012 12:00AM |
| Credit: | Jelmer Kuperus |
| Vulnerable: |
Liferay Enterprise Portal 6.1 ce |
| Not Vulnerable: | |
Discussion
Liferay Portal Security Bypass Vulnerability
Liferay Portal is prone to a security-bypass vulnerability.
Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions.
Liferay Portal is prone to a security-bypass vulnerability.
Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions.
Exploit / POC
Liferay Portal Security Bypass Vulnerability
An attacker can exploit this issue through a browser.
An attacker can exploit this issue through a browser.
Solution / Fix
Liferay Portal Security Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Liferay Portal Security Bypass Vulnerability
References:
References:
- Liferay Portal Product Page (Liferay)
- Liferay 6.1 can be compromised in its default configuration (Jelmer Kuperus)