Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-2153HistoryOct 01, 2012 - 12:55 a.m.
CVE-2012-2153
2012-10-0100:55:00
Debian Security Bug Tracker
security-tracker.debian.org
8
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
Drupal 7.x before 7.14 does not properly restrict access to nodes in a list when using a “contributed node access module,” which allows remote authenticated users with the “Access the content overview page” permission to read all published nodes by accessing the admin/content page.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | drupal7 | < 7.52-2+deb9u11 | drupal7_7.52-2+deb9u11_all.deb |
Related
prion
prion
Code injection
2012-10-01 00:55:00
github
github
Drupal improper access restrictions
2022-05-17 04:56:41
ubuntucve
ubuntucve
CVE-2012-2153
2012-10-01 00:00:00
cve
cve
CVE-2012-2153
2012-10-01 00:55:00
osv
osv
Drupal improper access restrictions
2022-05-17 04:56:41
nessus
nessus
Drupal 7.x < 7.13 Multiple Vulnerabilities
2016-10-28 00:00:00
Mandriva Linux Security Advisory : drupal (MDVSA-2013:074)
2013-04-20 00:00:00
drupal
drupal
SA-CORE-2012-002 - Drupal core multiple vulnerabilities
2012-05-02 00:00:00
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
Related for DEBIANCVE:CVE-2012-2153