Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-4345

Опубликовано: 15 июн. 2015
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers to obtain sensitive information via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-1.0:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-1.1:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-1.2:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-1.3:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-1.4:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-2.0:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-2.1:*:*:*:*:drupal:*:*
cpe:2.3:a:restful_web_services_project:restful_web_services:7.x-2.2:*:*:*:*:drupal:*:*

EPSS

Процентиль: 55%
0.00329
Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-hpp7-jw3r-4x35

github
больше 3 лет назад

The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers to obtain sensitive information via unspecified vectors.

EPSS

Процентиль: 55%
0.00329
Низкий

5 Medium

CVSS2

Дефекты

CWE-200