Lucene search

[email protected]CVE-2013-0318

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0318

2022-10-0316:15:03

CWE-264

[email protected]

web.nvd.nist.gov

banckle chat

drupal

remote attackers

access restrictions

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

The admin page in the Banckle Chat module for Drupal does not properly restrict access, which allows remote attackers to bypass intended restrictions via unspecified vectors.

Affected configurations

NVD

Node

banckle_chat_projectbanckle_chatMatch-

AND

drupaldrupalMatch-

CPENameOperatorVersion
banckle_chat_project:banckle_chatbanckle chat project banckle chateq-

CPE	Name	Operator	Version
banckle_chat_project:banckle_chat	banckle chat project banckle chat	eq	-

References

drupal.org/node/1916370

www.openwall.com/lists/oss-security/2013/02/21/5

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

Related for CVE-2013-0318

prion1 cvelist1 drupal1 nvd1