Lucene search
HistoryOct 03, 2022 - 4:20 p.m.
CVE-2010-3093
cve-2010-3093
drupal
comment module
access restrictions
nvd
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.6%
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an “unpublishing bypass” issue.
Affected configurations
Node
drupaldrupalMatch5.0
ORdrupaldrupalMatch5.0beta1
ORdrupaldrupalMatch5.0beta2
ORdrupaldrupalMatch5.0dev
ORdrupaldrupalMatch5.0rc1
ORdrupaldrupalMatch5.0rc2
ORdrupaldrupalMatch5.1
ORdrupaldrupalMatch5.2
ORdrupaldrupalMatch5.3
ORdrupaldrupalMatch5.4
ORdrupaldrupalMatch5.5
ORdrupaldrupalMatch5.6
ORdrupaldrupalMatch5.7
ORdrupaldrupalMatch5.8
ORdrupaldrupalMatch5.9
ORdrupaldrupalMatch5.10
ORdrupaldrupalMatch5.11
ORdrupaldrupalMatch5.12
ORdrupaldrupalMatch5.13
ORdrupaldrupalMatch5.14
ORdrupaldrupalMatch5.15
ORdrupaldrupalMatch5.16
ORdrupaldrupalMatch5.17
ORdrupaldrupalMatch5.18
ORdrupaldrupalMatch5.19
ORdrupaldrupalMatch5.20
ORdrupaldrupalMatch5.21
ORdrupaldrupalMatch5.22
Node
drupaldrupalMatch6.0
ORdrupaldrupalMatch6.0beta1
ORdrupaldrupalMatch6.0beta2
ORdrupaldrupalMatch6.0beta3
ORdrupaldrupalMatch6.0beta4
ORdrupaldrupalMatch6.0dev
ORdrupaldrupalMatch6.0rc1
ORdrupaldrupalMatch6.0rc2
ORdrupaldrupalMatch6.0rc3
ORdrupaldrupalMatch6.0rc4
ORdrupaldrupalMatch6.1
ORdrupaldrupalMatch6.2
ORdrupaldrupalMatch6.3
ORdrupaldrupalMatch6.4
ORdrupaldrupalMatch6.5
ORdrupaldrupalMatch6.6
ORdrupaldrupalMatch6.7
ORdrupaldrupalMatch6.8
ORdrupaldrupalMatch6.9
ORdrupaldrupalMatch6.10
ORdrupaldrupalMatch6.11
ORdrupaldrupalMatch6.12
ORdrupaldrupalMatch6.13
ORdrupaldrupalMatch6.14
ORdrupaldrupalMatch6.15
ORdrupaldrupalMatch6.16
ORdrupaldrupalMatch6.17
Related
ubuntucve
ubuntucve
CVE-2010-3093
2010-09-21 00:00:00
nvd
nvd
CVE-2010-3093
2010-09-21 20:00:02
prion
prion
Authorization
2010-09-21 20:00:00
cvelist
cvelist
CVE-2010-3093
2022-10-03 16:20:54
debian
debian
[SECURITY] [DSA 2113-1] New drupal6 packages fix several vulnerabilities
2010-09-20 14:15:04
[BSA-023] Security Update for drupal6
2011-01-25 16:43:46
openvas
openvas
Debian Security Advisory DSA 2113-1 (drupal6)
2010-10-10 00:00:00
Debian: Security Advisory (DSA-2113-1)
2010-10-10 00:00:00
securityvulns
securityvulns
osv
osv
drupal6 - several vulnerabilities
2010-09-20 00:00:00
nessus
nessus
Debian DSA-2113-1 : drupal6 - several vulnerabilities
2010-09-21 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.6%
Related for CVE-2010-3093