Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5586

Опубликовано: 26 дек. 2012
Источник: nvd
CVSS2: 2.1
EPSS Низкий

Описание

The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:marc_ingram:services:6.x-3.0:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:rc3:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:rc4:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable1:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable2:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable3:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.1:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.2:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:6.x-3.x:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:marc_ingram:services:7.x-3.0:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:rc3:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:rc4:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:rc5:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.0:rc6:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.1:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.2:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.3:*:*:*:*:*:*:*
cpe:2.3:a:marc_ingram:services:7.x-3.x:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*

EPSS

Процентиль: 48%
0.00251
Низкий

2.1 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

github логотип

GHSA-6g5v-72q8-r94j

github
около 3 лет назад

The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."

EPSS

Процентиль: 48%
0.00251
Низкий

2.1 Low

CVSS2

Дефекты

CWE-264