Lucene search

[email protected]NVD:CVE-2009-2237

HistoryJun 27, 2009 - 6:47 p.m.

CVE-2009-2237

2009-06-2718:47:59

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.007

Percentile

81.0%

JSON

Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify “nodes or classes of nodes” via unknown vectors, probably related to registered procedures (aka actions).

Affected configurations

Nvd

Node

drupaldrupal

AND

karim_ratibviews_bulk_operationsMatch5.x-1.0

karim_ratibviews_bulk_operationsMatch5.x-1.1

karim_ratibviews_bulk_operationsMatch5.x-1.2

karim_ratibviews_bulk_operationsMatch5.x-1.3

karim_ratibviews_bulk_operationsMatch6.x-1.0

karim_ratibviews_bulk_operationsMatch6.x-1.1

karim_ratibviews_bulk_operationsMatch6.x-1.2

karim_ratibviews_bulk_operationsMatch6.x-1.3

karim_ratibviews_bulk_operationsMatch6.x-1.4

VendorProductVersionCPE
drupaldrupal*cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations5.x-1.0cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.0:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations5.x-1.1cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.1:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations5.x-1.2cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.2:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations5.x-1.3cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.3:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations6.x-1.0cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.0:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations6.x-1.1cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.1:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations6.x-1.2cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.2:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations6.x-1.3cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.3:*:*:*:*:*:*:*
karim_ratibviews_bulk_operations6.x-1.4cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
drupal	drupal	*	cpe:2.3:a:drupal:drupal::::::::
karim_ratib	views_bulk_operations	5.x-1.0	cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.0:::::::*
karim_ratib	views_bulk_operations	5.x-1.1	cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.1:::::::*
karim_ratib	views_bulk_operations	5.x-1.2	cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.2:::::::*
karim_ratib	views_bulk_operations	5.x-1.3	cpe:2.3:a:karim_ratib:views_bulk_operations:5.x-1.3:::::::*
karim_ratib	views_bulk_operations	6.x-1.0	cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.0:::::::*
karim_ratib	views_bulk_operations	6.x-1.1	cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.1:::::::*
karim_ratib	views_bulk_operations	6.x-1.2	cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.2:::::::*
karim_ratib	views_bulk_operations	6.x-1.3	cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.3:::::::*
karim_ratib	views_bulk_operations	6.x-1.4	cpe:2.3:a:karim_ratib:views_bulk_operations:6.x-1.4:::::::*

References

drupal.org/node/468450

secunia.com/advisories/35117

www.securityfocus.com/bid/35051

exchange.xforce.ibmcloud.com/vulnerabilities/50659

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.007

Percentile

81.0%

JSON

Related for NVD:CVE-2009-2237

cve1 cvelist1 prion1