Lucene search
HistoryMar 09, 2007 - 10:19 p.m.
CVE-2007-1368
project issue tracking
remote access
drupal
cve-2007-1368
nvd
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.3%
The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with “access project issues” permission, to read the contents of a private node via a URL with a modified node identifier.
Affected configurations
Node
drupaldrupal_project_issue_trackingMatch4.7_1.0
ORdrupaldrupal_project_issue_trackingMatch4.7_1.2
ORdrupaldrupal_project_issue_trackingMatch4.7_2.0
ORdrupaldrupal_project_issue_trackingMatch4.7_2.1
ORdrupaldrupal_project_issue_trackingMatch4.7_2.2
ORdrupaldrupal_project_issue_trackingMatch5.0_0.1
ORdrupaldrupal_project_issue_trackingMatch5.7_1.1
Related
nvd
nvd
CVE-2007-1368
2007-03-09 22:19:00
prion
prion
Code injection
2007-03-09 22:19:00
cvelist
cvelist
CVE-2007-1368
2007-03-09 22:00:00
securityvulns
securityvulns
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.3%
Related for CVE-2007-1368