Design/Logic Flaw

2009-11-2019:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.

CPENameOperatorVersion
web_serviceseq6.120.10

CPE	Name	Operator	Version
	web_services	eq	6.120.10

References

www.securityfocus.com/bid/37000

www.vupen.com/english/advisories/2009/3218

drupal.org/node/630244

exchange.xforce.ibmcloud.com/vulnerabilities/54249