CVE-2012-3475

critical

Description

The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors.

References

https://github.com/ushahidi/Ushahidi_Web/commit/fcdad03

https://github.com/ushahidi/Ushahidi_Web/commit/7892559

http://openwall.com/lists/oss-security/2012/08/09/5

Details

Source: Mitre, NVD

Published: 2012-08-12

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00519