Lucene search
HistoryApr 29, 2014 - 2:38 p.m.
CVE-2013-7065
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
67.8%
The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the og_group_ref field.
Affected configurations
Node
organic_groups_projectorganic_groupsMatch7.x-2.0-drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0alpha1drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0alpha2drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0alpha3drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0beta1drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0beta2drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0beta3drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0beta4drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0rc1drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0rc2drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0rc3drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.0rc4drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.1drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.2drupal
ORorganic_groups_projectorganic_groupsMatch7.x-2.xdevdrupal
Related
prion
prion
Design/Logic Flaw
2014-04-29 14:38:00
cve
cve
CVE-2013-7065
2014-04-29 14:38:43
ubuntucve
ubuntucve
CVE-2013-7065
2014-04-29 00:00:00
cvelist
cvelist
CVE-2013-7065
2014-04-29 14:00:00
drupal
drupal
SA-CONTRIB-2013-095 - Organic Groups - Access bypass
2013-11-20 00:00:00
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
67.8%
Related for NVD:CVE-2013-7065