VYPR
Unrated severityNVD Advisory· Published Aug 12, 2012· Updated Jun 16, 2026

CVE-2012-3473

CVE-2012-3473

Description

The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:ushahidi:ushahidi_platform:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:ushahidi:ushahidi_platform:*:*:*:*:*:*:*:*range: <=2.4.1
    • cpe:2.3:a:ushahidi:ushahidi_platform:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ushahidi:ushahidi_platform:2.4:*:*:*:*:*:*:*
    • (no CPE)range: <2.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.