Lucene search
HistoryNov 20, 2014 - 5:50 p.m.
CVE-2014-9023
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
48.1%
The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the “access administration pages” Drupal permission.
Affected configurations
Node
twilio_projecttwilioMatch7.x-1.1drupal
ORtwilio_projecttwilioMatch7.x-1.2drupal
ORtwilio_projecttwilioMatch7.x-1.4drupal
ORtwilio_projecttwilioMatch7.x-1.5drupal
ORtwilio_projecttwilioMatch7.x-1.6drupal
ORtwilio_projecttwilioMatch7.x-1.8drupal
ORtwilio_projecttwilioMatch7.x-1.9drupal
| Vendor | Product | Version | CPE |
|---|---|---|---|
| twilio_project | twilio | 7.x-1.1 | cpe:2.3:a:twilio_project:twilio:7.x-1.1:*:*:*:*:drupal:*:* |
| twilio_project | twilio | 7.x-1.2 | cpe:2.3:a:twilio_project:twilio:7.x-1.2:*:*:*:*:drupal:*:* |
| twilio_project | twilio | 7.x-1.4 | cpe:2.3:a:twilio_project:twilio:7.x-1.4:*:*:*:*:drupal:*:* |
| twilio_project | twilio | 7.x-1.5 | cpe:2.3:a:twilio_project:twilio:7.x-1.5:*:*:*:*:drupal:*:* |
| twilio_project | twilio | 7.x-1.6 | cpe:2.3:a:twilio_project:twilio:7.x-1.6:*:*:*:*:drupal:*:* |
| twilio_project | twilio | 7.x-1.8 | cpe:2.3:a:twilio_project:twilio:7.x-1.8:*:*:*:*:drupal:*:* |
| twilio_project | twilio | 7.x-1.9 | cpe:2.3:a:twilio_project:twilio:7.x-1.9:*:*:*:*:drupal:*:* |
Related
prion
prion
Authentication flaw
2014-11-20 17:50:00
drupal
drupal
SA-CONTRIB-2014-093 - Twilio - Information Disclosure
2014-09-24 00:00:00
cvelist
cvelist
CVE-2014-9023
2014-11-20 17:00:00
cve
cve
CVE-2014-9023
2014-11-20 17:50:12
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
48.1%
Related for NVD:CVE-2014-9023