Lucene search

K
nvd[email protected]NVD:CVE-2008-3221
HistoryJul 18, 2008 - 4:41 p.m.

CVE-2008-3221

2008-07-1816:41:00
CWE-352
web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

67.9%

Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.

Affected configurations

NVD
Node
drupaldrupalRange6.06.3
Node
fedoraprojectfedoraMatch8
OR
fedoraprojectfedoraMatch9

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

67.9%