CVE-2017-6919

Опубликовано: 20 апр. 2017

Источник: debian

EPSS Низкий

Описание

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
drupal8	itp			package

Примечания

https://www.drupal.org/SA-CORE-2017-002

EPSS

Процентиль: 70%

0.00673

Низкий

Связанные уязвимости

CVE-2017-6919

CVSS3: 7.5

ubuntu

больше 8 лет назад

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

CVE-2017-6919

CVSS3: 7.5

nvd

больше 8 лет назад

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

GHSA-6hpj-9xj7-2jxx

CVSS3: 7.5

github

около 3 лет назад

Drupal access control bypass vulnerability

EPSS

Процентиль: 70%

0.00673

Низкий