CVE-2016-3163

Опубликовано: 12 апр. 2016

Источник: debian

EPSS Низкий

Описание

The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
drupal7	fixed	7.43-1		package
drupal6	removed			package
drupal6	end-of-life		squeeze	package

Примечания

https://www.drupal.org/SA-CORE-2016-001
https://www.openwall.com/lists/oss-security/2016/02/24/19

EPSS

Процентиль: 74%

0.00855

Низкий

Связанные уязвимости

CVE-2016-3163

CVSS3: 7.5

ubuntu

около 9 лет назад

The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method.

CVE-2016-3163

CVSS3: 7.5

nvd

около 9 лет назад

The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method.

GHSA-h3r9-pjmr-f938

CVSS3: 7.5

github

около 3 лет назад

Drupal Brute force amplification attacks via XML-RPC

EPSS

Процентиль: 74%

0.00855

Низкий