CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3587

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile29.72th
PublishedOct 10, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Affected Platforms (CPE)

πŸ“¦
Plone

Plone

= 4.0
πŸ“¦
Plone

Plone

= 4.0.1
πŸ“¦
Plone

Plone

= 4.0.2
πŸ“¦
Plone

Plone

= 4.0.3
πŸ“¦
Plone

Plone

= 4.0.4
πŸ“¦
Plone

Plone

= 4.0.5
πŸ“¦
Plone

Plone

= 4.0.6.1
πŸ“¦
Plone

Plone

= 4.0.7
πŸ“¦
Plone

Plone

= 4.0.8
πŸ“¦
Plone

Plone

= 4.0.9
πŸ“¦
Plone

Plone

= 4.1
πŸ“¦
Plone

Plone

= 4.2
πŸ“¦
Plone

Plone

= 4.2a1
πŸ“¦
Plone

Plone

= 4.2a2
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.0
πŸ“¦
Zope

Zope

= 2.12.1
πŸ“¦
Zope

Zope

= 2.12.2
πŸ“¦
Zope

Zope

= 2.12.3
πŸ“¦
Zope

Zope

= 2.12.4
πŸ“¦
Zope

Zope

= 2.12.5
πŸ“¦
Zope

Zope

= 2.12.6
πŸ“¦
Zope

Zope

= 2.12.7
πŸ“¦
Zope

Zope

= 2.12.8
πŸ“¦
Zope

Zope

= 2.12.9
πŸ“¦
Zope

Zope

= 2.12.10
πŸ“¦
Zope

Zope

= 2.12.11
πŸ“¦
Zope

Zope

= 2.12.12
πŸ“¦
Zope

Zope

= 2.12.13
πŸ“¦
Zope

Zope

= 2.12.14
πŸ“¦
Zope

Zope

= 2.12.15
πŸ“¦
Zope

Zope

= 2.12.16
πŸ“¦
Zope

Zope

= 2.12.17
πŸ“¦
Zope

Zope

= 2.12.18
πŸ“¦
Zope

Zope

= 2.12.19
πŸ“¦
Zope

Zope

= 2.12.20
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.0
πŸ“¦
Zope

Zope

= 2.13.1
πŸ“¦
Zope

Zope

= 2.13.2
πŸ“¦
Zope

Zope

= 2.13.3
πŸ“¦
Zope

Zope

= 2.13.4
πŸ“¦
Zope

Zope

= 2.13.5
πŸ“¦
Zope

Zope

= 2.13.6
πŸ“¦
Zope

Zope

= 2.13.7
πŸ“¦
Zope

Zope

= 2.13.8
πŸ“¦
Zope

Zope

= 2.13.9
πŸ“¦
Zope

Zope

= 2.13.10

References & Advisories

πŸ”— http://plone.org/products/plone-hotfix/releases/20110928
πŸ”— http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip
πŸ”— http://plone.org/products/plone/security/advisories/20110928
πŸ”— http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
πŸ”— http://secunia.com/advisories/46221
πŸ”— http://secunia.com/advisories/46323
πŸ”— http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=742297

Related Vulnerabilities

CVE-2008-139310.0

Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for...

CVE-2021-335099.9

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText...

CVE-2020-79419.8

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content wit...

CVE-2020-351909.8

The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. Syste...