Lucene search

[email protected]CVE-2007-3689

HistoryJul 11, 2007 - 5:30 p.m.

CVE-2007-3689

2007-07-1117:30:00

[email protected]

web.nvd.nist.gov

drupal

print module

remote attackers

restricted posts

url arguments

nvd

cve-2007-3689

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.

Affected configurations

NVD

Node

drupalprint_moduleRange≤4.7

drupalprint_moduleRange≤5.x-1.1

CPENameOperatorVersion
drupal:print_moduledrupal print modulele4.7
drupal:print_moduledrupal print modulele5.x-1.1

CPE	Name	Operator	Version
drupal:print_module	drupal print module	le	4.7
drupal:print_module	drupal print module	le	5.x-1.1

References

drupal.org/node/152804

drupal.org/node/158029

drupal.org/node/158032

osvdb.org/37897

secunia.com/advisories/25978

www.securityfocus.com/bid/24862

www.vupen.com/english/advisories/2007/2470

exchange.xforce.ibmcloud.com/vulnerabilities/35314

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

Related for CVE-2007-3689

cvelist1 prion1 nvd1