CVE-2009-4044

Опубликовано: 20 нояб. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.

Ссылки

http://drupal.org/node/630244
Vendor Advisory
http://www.securityfocus.com/bid/37000
http://www.vupen.com/english/advisories/2009/3218
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54249
http://drupal.org/node/630244
Vendor Advisory
http://www.securityfocus.com/bid/37000
http://www.vupen.com/english/advisories/2009/3218
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54249

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:bruno_massa:web_services:6.x-1.0:*:*:*:*:*:*:*

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00822

Низкий

7.5 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-9w53-jhwg-vrwp

github

около 3 лет назад