Strix
26.1K

CVE-2008-5102

UnknownEPSS 3.96%

Last modified

CVE-2008-5102 is a vulnerability of currently unknown severity. PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.. EPSS estimates a 3.96% chance of exploitation in the next 30 days.

Description

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

Metrics

EPSS Probability
3.96%

89.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ZopeZope<= 2.11.2
ZopeZope1.10.3
ZopeZope1.10.4
ZopeZope2.0.0
ZopeZope2.0.0a4
ZopeZope2.0.0b4
ZopeZope2.0.0b5
ZopeZope2.0.0b6
ZopeZope2.0.1
ZopeZope2.1.0
ZopeZope2.1.0b1
ZopeZope2.1.0b2
ZopeZope2.1.1
ZopeZope2.1.2
ZopeZope2.1.3
ZopeZope2.1.4
ZopeZope2.1.5
ZopeZope2.1.6
ZopeZope2.2.0
ZopeZope2.2.0a1
ZopeZope2.2.0b1
ZopeZope2.2.0b2
ZopeZope2.2.0b3
ZopeZope2.2.0b4
ZopeZope2.2.1
ZopeZope2.2.1b1
ZopeZope2.2.2
ZopeZope2.2.3
ZopeZope2.2.4
ZopeZope2.2.4b1
ZopeZope2.2.5
ZopeZope2.2.5b1
ZopeZope2.3.0
ZopeZope2.3.0a1
ZopeZope2.3.0a2
ZopeZope2.3.0b1
ZopeZope2.3.0b2
ZopeZope2.3.0b3
ZopeZope2.3.1
ZopeZope2.3.1b1
ZopeZope2.3.1b2
ZopeZope2.3.1b3
ZopeZope2.3.2
ZopeZope2.3.2b1
ZopeZope2.3.2b2
ZopeZope2.3.3
ZopeZope2.3.3b1
ZopeZope2.4.0
ZopeZope2.4.0a1
ZopeZope2.4.0b1

Showing 50 of 156 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2008-5102?
PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.
How severe is CVE-2008-5102?
Severity scoring for CVE-2008-5102 is pending analysis. The EPSS model estimates a 3.96% probability of exploitation in the next 30 days.
How do I fix CVE-2008-5102?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-5102?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST