Lucene search

[email protected]NVD:CVE-2008-3221

HistoryJul 18, 2008 - 4:41 p.m.

CVE-2008-3221

2008-07-1816:41:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

68.9%

JSON

Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.

Affected configurations

Nvd

Node

drupaldrupalRange6.0–6.3

Node

fedoraprojectfedoraMatch8

fedoraprojectfedoraMatch9

References

drupal.org/node/280571

secunia.com/advisories/31079

www.openwall.com/lists/oss-security/2008/07/10/3

www.securityfocus.com/bid/30168

bugzilla.redhat.com/show_bug.cgi?id=454849

www.redhat.com/archives/fedora-package-announce/2008-August/msg00016.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00527.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00551.html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

68.9%

JSON

Related for NVD:CVE-2008-3221

cvelist1 cve1 prion1 ubuntucve1 openvas6 freebsd1 nessus4 redhatcve1