Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2015-7228
cve-2015-7228
drupal
information disclosure
restful module
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.6%
The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly cache pages of authenticated users when using non-cookie authentication providers, which allows remote attackers to obtain sensitive information via unspecified vectors.
Affected configurations
Node
restful_projectrestfulMatch7.x-1.0drupal
ORrestful_projectrestfulMatch7.x-1.1drupal
ORrestful_projectrestfulMatch7.x-1.2drupal
Related
nvd
nvd
CVE-2015-7228
2015-09-17 16:59:07
drupal
drupal
RESTful - Moderately Critical - Access bypass - SA-CONTRIB-2015-147
2015-09-09 00:00:00
cvelist
cvelist
CVE-2015-7228
2022-10-03 16:15:55
prion
prion
Authentication flaw
2015-09-17 16:59:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.6%
Related for CVE-2015-7228