Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.
2010-03-05T19:30:01.000
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.6 (MEDIUM)
AV:N/AC:H/Au:S/C:P/I:P/A:P
3.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | perforce | perforce_server | ≤ 2009.2 | Yes |
| Application | perforce | perforce_server | 97.3 | Yes |
| Application | perforce | perforce_server | 98.2 | Yes |
| Application | perforce | perforce_server | 99.1 | Yes |
| Application | perforce | perforce_server | 99.2 | Yes |
| Application | perforce | perforce_server | 2000.1 | Yes |
| Application | perforce | perforce_server | 2000.2 | Yes |
| Application | perforce | perforce_server | 2001.1 | Yes |
| Application | perforce | perforce_server | 2001.2 | Yes |
| Application | perforce | perforce_server | 2002.1 | Yes |
| Application | perforce | perforce_server | 2002.2 | Yes |
| Application | perforce | perforce_server | 2003.1 | Yes |
| Application | perforce | perforce_server | 2003.2 | Yes |
| Application | perforce | perforce_server | 2004.2 | Yes |
| Application | perforce | perforce_server | 2005.1 | Yes |
| Application | perforce | perforce_server | 2005.2 | Yes |
| Application | perforce | perforce_server | 2006.1 | Yes |
| Application | perforce | perforce_server | 2006.2 | Yes |
| Application | perforce | perforce_server | 2007.2 | Yes |
| Application | perforce | perforce_server | 2007.3 | Yes |
| Application | perforce | perforce_server | 2007.3_143793 | Yes |
| Application | perforce | perforce_server | 2008.1 | Yes |
| Application | perforce | perforce_server | 2008.2 | Yes |