Lucene search

K
cve[email protected]CVE-2015-5509
HistoryAug 18, 2015 - 6:00 p.m.

CVE-2015-5509

2015-08-1818:00:14
CWE-264
web.nvd.nist.gov
24
cve-2015-5509
administration views
drupal
access control
bypass restrictions
security vulnerability

6.9 Medium

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.3%

The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors.

Affected configurations

NVD
Node
administration_views_projectadministration_viewsMatch7.x-1.0drupal
OR
administration_views_projectadministration_viewsMatch7.x-1.0rc1drupal
OR
administration_views_projectadministration_viewsMatch7.x-1.1drupal
OR
administration_views_projectadministration_viewsMatch7.x-1.2drupal
OR
administration_views_projectadministration_viewsMatch7.x-1.xdevdrupal

6.9 Medium

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.3%

Related for CVE-2015-5509