Lucene search
HistoryJun 09, 2014 - 7:55 p.m.
CVE-2013-4599
cve-2013-4599
misery module
drupal
denial of service
process consumption
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.9 Medium
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.8%
The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the “delay misery” configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.
Affected configurations
Node
misery_projectmiseryMatch6.x-2.0---drupal
ORmisery_projectmiseryMatch6.x-2.1---drupal
ORmisery_projectmiseryMatch6.x-2.2---drupal
ORmisery_projectmiseryMatch6.x-2.3---drupal
ORmisery_projectmiseryMatch6.x-2.4---drupal
ORmisery_projectmiseryMatch7.x-2.0---drupal
ORmisery_projectmiseryMatch7.x-2.1---drupal
Related
nvd
nvd
CVE-2013-4599
2014-06-09 19:55:09
prion
prion
Design/Logic Flaw
2014-06-09 19:55:00
drupal
drupal
SA-CONTRIB-2013-092 - Misery - Denial of Service (DOS) vulnerability.
2013-11-13 00:00:00
cvelist
cvelist
CVE-2013-4599
2014-06-09 19:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.9 Medium
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.8%
Related for CVE-2013-4599