Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-1000489

Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address

2018-01-03T17:29:00.197

2024-11-21T03:04:51.063

Modified

CVSSv3.0: 8.1 (HIGH)

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.6

6.4

Type	Vendor	Product	Version/Range	Vulnerable?
Application	acquia	mautic	2.0.0	Yes
Application	acquia	mautic	2.0.1	Yes
Application	acquia	mautic	2.1.0	Yes
Application	acquia	mautic	2.1.1	Yes
Application	acquia	mautic	2.2.0	Yes
Application	acquia	mautic	2.2.1	Yes
Application	acquia	mautic	2.3.0	Yes
Application	acquia	mautic	2.4.0	Yes
Application	acquia	mautic	2.5.0	Yes
Application	acquia	mautic	2.5.1	Yes
Application	acquia	mautic	2.6.0	Yes
Application	acquia	mautic	2.6.1	Yes
Application	acquia	mautic	2.7.0	Yes
Application	acquia	mautic	2.7.1	Yes
Application	acquia	mautic	2.8.0	Yes
Application	acquia	mautic	2.8.1	Yes
Application	acquia	mautic	2.8.2	Yes
Application	acquia	mautic	2.9.0	Yes
Application	acquia	mautic	2.9.1	Yes
Application	acquia	mautic	2.10.0	Yes
Application	acquia	mautic	2.10.1	Yes
Application	acquia	mautic	2.11.0	Yes
Application	mautic	mautic	2.9.0	Yes
Application	mautic	mautic	2.9.2	Yes
Application	mautic	mautic	2.10.0	Yes
Application	mautic	mautic	2.11.0	Yes

https://github.com/mautic/mautic/releases/tag/2.12.0 Issue Tracking, Mitigation, Release Notes, Third Party Advisory ([email protected])
https://github.com/mautic/mautic/releases/tag/2.12.0 Issue Tracking, Mitigation, Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)