CVE-2012-2315

EPSS 8.34% · P92 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-2315

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

OpenKM安全认证绕过漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

OpenKM中的admin/Auth中存在安全认证绕过漏洞。攻击者可利用该漏洞绕过认证进程进而获得对受影响系统的未授权访问。OpenKM 5.1.7版本中存在该漏洞，其他版本也可能受影响。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-2315

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-2315

请登录查看更多情报信息。

http://www.securityfocus.com/bid/51250vdb-entryx_refsource_BID
http://osvdb.org/78105vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/47424third-party-advisoryx_refsource_SECUNIA
🔗 http://archives.neohapsis.com/archives/bugtraq/2012-01/0007.htmlmailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/72112vdb-entryx_refsource_XF
http://archives.neohapsis.com/archives/bugtraq/2012-01/0021.htmlmailing-listx_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2012/03/23/6mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2012/04/27/6mailing-listx_refsource_MLIST
🔗 http://www.openwall.com/lists/oss-security/2012/03/23/8mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2012/05/04/2mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2012-2315

Same Patch Batch · n/a · 2012-09-09 · 19 CVEs total

CVE-2012-1581		MediaWiki 权限许可和访问控制漏洞
CVE-2012-4885		MediaWiki wikitext解析器拒绝服务漏洞
CVE-2012-2316		OpenKM ‘servlet/admin/AuthServlet.java’跨站请求伪造漏洞
CVE-2012-2115		OpenEMR ‘validateUser.php’ SQL注入漏洞
CVE-2012-1912		PHP Address Book ‘preferences.php’跨站脚本漏洞
CVE-2012-1911		PHP Address Book 多个SQL注入漏洞
CVE-2012-1649		Drupal Cool Aid模块权限许可和访问控制漏洞
CVE-2012-1648		Drupal Cool Aid模块跨站脚本漏洞
CVE-2012-1582		MediaWiki wikitext解析器跨站脚本漏洞
CVE-2011-4942		Geeklog ‘admin/configuration.php’多个跨站脚本漏洞
CVE-2012-1580		MediaWiki ‘Special:Upload’跨站请求伪造漏洞
CVE-2012-1579		MediaWiki 资源加载器信息泄露漏洞
CVE-2012-1578		MediaWiki 多个跨站请求伪造漏洞
CVE-2012-1152		Perl ‘YAML::LibYAM’格式化字符串漏洞
CVE-2012-1151		Perl ‘DBD::Pg’格式化字符串漏洞
CVE-2011-5161		OpenEMR ‘patient photograph’功能未限制文件上传漏洞
CVE-2011-5160		OpenEMR ‘setup.php’跨站脚本漏洞
CVE-2011-5159		Geeklog ‘admin/configuration.php’跨站脚本漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-2315

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-2315

I. Basic Information for CVE-2012-2315

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-2315

III. Intelligence Information for CVE-2012-2315

Same Patch Batch · n/a · 2012-09-09 · 19 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2012-2315

Leave a comment