Описание
The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0:rc1:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0:rc2:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.x:dev:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.1:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2:rc14:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.13:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.14:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.113:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.114:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.115:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.116:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.200:rc14:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.216:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.217:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.220:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.221:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.222:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.223:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.225:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.226:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.227:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.228:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2210:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2211:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2212:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2213:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.220:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.221:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.222:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.223:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.225:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.226:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.227:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.228:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2210:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2211:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2212:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2213:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2216:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.x:dev:*:*:*:drupal:*:*
EPSS
Процентиль: 44%
0.00216
Низкий
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.
EPSS
Процентиль: 44%
0.00216
Низкий
4 Medium
CVSS2
Дефекты
CWE-200