Lucene search

[email protected]CVE-2013-4597

HistoryJun 09, 2014 - 7:55 p.m.

CVE-2013-4597

2014-06-0919:55:09

CWE-264

[email protected]

web.nvd.nist.gov

cve-2013-4597

drupal

revisioning module

access permissions

remote authenticated users

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.7%

JSON

The Revisioning module 7.x-1.x before 7.x-1.6 for Drupal does not properly check node access permissions for content marked unpublished by the Scheduled module, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

Affected configurations

NVD

Node

rik_de_boerrevisioningMatch7.x-1.0

rik_de_boerrevisioningMatch7.x-1.0alpha1

rik_de_boerrevisioningMatch7.x-1.0alpha2

rik_de_boerrevisioningMatch7.x-1.0alpha3

rik_de_boerrevisioningMatch7.x-1.0alpha4

rik_de_boerrevisioningMatch7.x-1.0alpha5

rik_de_boerrevisioningMatch7.x-1.0beta1

rik_de_boerrevisioningMatch7.x-1.0beta10

rik_de_boerrevisioningMatch7.x-1.0beta11

rik_de_boerrevisioningMatch7.x-1.0beta2

rik_de_boerrevisioningMatch7.x-1.0beta3

rik_de_boerrevisioningMatch7.x-1.0beta4

rik_de_boerrevisioningMatch7.x-1.0beta5

rik_de_boerrevisioningMatch7.x-1.0beta6

rik_de_boerrevisioningMatch7.x-1.0beta7

rik_de_boerrevisioningMatch7.x-1.0beta8

rik_de_boerrevisioningMatch7.x-1.0beta9

rik_de_boerrevisioningMatch7.x-1.1

rik_de_boerrevisioningMatch7.x-1.2

rik_de_boerrevisioningMatch7.x-1.3

rik_de_boerrevisioningMatch7.x-1.4

rik_de_boerrevisioningMatch7.x-1.5

rik_de_boerrevisioningMatch7.x-1.x

rik_de_boerrevisioningMatch7.x-1.xdev

CPENameOperatorVersion
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.0
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.1
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.2
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.3
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.4
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.5
rik_de_boer:revisioningrik de boer revisioningeq7.x-1.x

CPE	Name	Operator	Version
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.0
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.1
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.2
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.3
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.4
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.5
rik_de_boer:revisioning	rik de boer revisioning	eq	7.x-1.x

References

seclists.org/oss-sec/2013/q4/317

drupal.org/node/2133555

drupal.org/node/2135257

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.7%

JSON

Related for CVE-2013-4597

drupal1 prion1 cvelist1 nvd1