CVE-2008-4791

Опубликовано: 29 окт. 2008

Источник: nvd

CVSS2: 6

EPSS Низкий

Описание

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.

Ссылки

http://drupal.org/node/318706
Patch
Vendor Advisory
http://secunia.com/advisories/32201
Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/10/21/7
Mailing List
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/45766
Third Party Advisory
VDB Entry
http://drupal.org/node/318706
Patch
Vendor Advisory
http://secunia.com/advisories/32201
Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/10/21/7
Mailing List
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/45766
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

Версия от 5.0 (включая) до 5.11 (исключая)

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

Версия от 6.0 (включая) до 6.5 (исключая)

EPSS

Процентиль: 63%

0.00465

Низкий

6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2008-4791

ubuntu

больше 16 лет назад

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.

CVE-2008-4791

debian

больше 16 лет назад

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might all ...

GHSA-7ffg-g538-4c8c

github

около 3 лет назад

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.

EPSS

Процентиль: 63%

0.00465

Низкий

6 Medium

CVSS2

Дефекты

CWE-264