Search...

CVE-2014-8736

2014-11-12T11:55:07

ID CVE-2014-8736
Type cve
Reporter NVD
Modified 2014-11-13T09:24:03

Description

The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node.

JSON Vulners Source

Initial Source

{"reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "vulnersScore": 5.0}, "published": "2014-11-12T11:55:07", "cvelist": ["CVE-2014-8736"], "title": "CVE-2014-8736", "objectVersion": "1.2", "type": "cve", "hash": "640bb1974529092c256ee045ae3ee975ba1bceb2b351c07d6c86058500d1bd2c", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8736", "bulletinFamily": "NVD", "id": "CVE-2014-8736", "history": [], "scanner": [], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "modified": "2014-11-13T09:24:03", "viewCount": 2, "cpe": ["cpe:/a:open_atrium_project:open_atrium:7.x-2.21::~~~drupal~~"], "edition": 1, "description": "The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node.", "references": ["https://www.drupal.org/node/2357295", "https://www.drupal.org/node/2357279"], "lastseen": "2016-09-03T21:31:41", "assessment": {"system": "", "name": "", "href": ""}}