Lucene search
HistoryApr 21, 2015 - 4:59 p.m.
CVE-2015-3374
cve-2015-3374
csrf
drupal
corner module
admin authentication
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.6%
Multiple cross-site request forgery (CSRF) vulnerabilities in the Corner module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable corners via unspecified vectors.
Affected configurations
Node
corner_projectcornerMatch-drupal
| CPE | Name | Operator | Version |
|---|---|---|---|
| corner_project:corner | corner project corner | eq | - |
Related
cvelist
cvelist
CVE-2015-3374
2015-04-21 16:00:00
nvd
nvd
CVE-2015-3374
2015-04-21 16:59:32
drupal
drupal
SA-CONTRIB-2015-029 - Corner - Cross Site Request Forgery (CSRF) - Unsupported
2015-01-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2015-04-21 16:59:00
kaspersky
kaspersky
KLA10563 Multiple vulnerabilities in Drupal modules
2015-04-21 00:00:00
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.6%
Related for CVE-2015-3374