exploitDog

CVE-2013-4596

Опубликовано: 02 июн. 2014

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote attackers to bypass access restrictions via a node listing.

Ссылки

http://secunia.com/advisories/55255
http://www.securityfocus.com/bid/63568
https://drupal.org/node/2125239
Patch
https://drupal.org/node/2129379
Patch
Vendor Advisory
http://secunia.com/advisories/55255
http://www.securityfocus.com/bid/63568
https://drupal.org/node/2125239
Patch
https://drupal.org/node/2129379
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:danielkorte:nodeaccesskeys:7.x-1.0:*:*:*:*:drupal:*:*

EPSS

Процентиль: 39%

0.00172

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-c23h-hqqc-r4hv

github

больше 3 лет назад

The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote attackers to bypass access restrictions via a node listing.

EPSS

Процентиль: 39%

0.00172

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264