Back to bug 1016596
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Stephen Gallagher | 2013-10-08 11:38:37 UTC | Keywords | Security | |
| CC | security-response-team | |||
| Red Hat Bugzilla | 2013-10-08 11:38:37 UTC | Doc Type | --- | Bug Fix |
| Vincent Danen | 2013-10-08 14:40:23 UTC | Priority | unspecified | medium |
| Group | qe_staff | |||
| Version | rawhide | unspecified | ||
| CC | sgallagh | |||
| Component | ReviewBoard | vulnerability | ||
| Assignee | sgallagh | security-response-team | ||
| QA Contact | extras-qa | |||
| Summary | Access-control problems with REST API | EMBARGOED ReviewBoard: access-control problems with REST API | ||
| Product | Fedora | Security Response | ||
| Severity | high | medium | ||
| Vincent Danen | 2013-10-08 14:41:30 UTC | Whiteboard | impact=moderate,public=None,reported=None,source=None,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected | |
| Vincent Danen | 2013-10-08 14:41:35 UTC | Alias | CVE-2013-4410 | |
| Vincent Danen | 2013-10-08 14:41:40 UTC | Summary | EMBARGOED ReviewBoard: access-control problems with REST API | EMBARGOED CVE-2013-4410 ReviewBoard: access-control problems with REST API |
| Vincent Danen | 2013-10-08 14:41:44 UTC | Whiteboard | impact=moderate,public=None,reported=None,source=None,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected | impact=moderate,public=20131010,reported=None,source=None,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected |
| Vincent Danen | 2013-10-08 14:41:52 UTC | Whiteboard | impact=moderate,public=20131010,reported=None,source=None,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected | impact=moderate,public=20131010,reported=20131008,source=None,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected |
| Vincent Danen | 2013-10-08 14:41:57 UTC | Whiteboard | impact=moderate,public=20131010,reported=20131008,source=None,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected | impact=moderate,public=20131010,reported=20131008,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected |
| Vincent Danen | 2013-10-08 14:43:14 UTC | Whiteboard | impact=moderate,public=20131010,reported=20131008,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected | impact=moderate,public=20131010,reported=20131008,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected,epel-6/ReviewBoard=affected |
| Vincent Danen | 2013-10-08 14:53:00 UTC | Blocks | 1016713 | |
| Murray McAllister | 2013-10-10 23:48:04 UTC | Whiteboard | impact=moderate,public=20131010,reported=20131008,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected,epel-6/ReviewBoard=affected | impact=moderate,public=20131011,reported=20131008,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected,epel-6/ReviewBoard=affected |
| Murray McAllister | 2013-10-10 23:48:24 UTC | Summary | EMBARGOED CVE-2013-4410 ReviewBoard: access-control problems with REST API | CVE-2013-4410 ReviewBoard: access-control problems with REST API |
| Murray McAllister | 2013-10-10 23:48:28 UTC | Group | security, qe_staff | |
| Murray McAllister | 2013-10-10 23:51:12 UTC | Depends On | 1017999 | |
| Murray McAllister | 2013-10-10 23:51:35 UTC | Depends On | 1018000 | |
| Murray McAllister | 2013-10-10 23:59:21 UTC | CC | mmcallis | |
| John Skeoch | 2015-01-04 22:43:50 UTC | CC | mmcallis | vdanen |
| Vincent Danen | 2015-01-05 17:13:19 UTC | CC | vdanen | |
| Product Security DevOps Team | 2019-06-08 02:30:37 UTC | Status | NEW | CLOSED |
| Resolution | --- | UPSTREAM | ||
| Last Closed | 2019-06-08 02:30:37 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:09:10 UTC | Whiteboard | impact=moderate,public=20131011,reported=20131008,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,fedora-all/ReviewBoard=affected,epel-6/ReviewBoard=affected |
Back to bug 1016596