Lucene search
PRIOn knowledge basePRION:CVE-2014-2983HistoryApr 23, 2014 - 3:55 p.m.
Input validation
2014-04-2315:55:00
PRIOn knowledge base
www.prio-n.com
6
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
56.7%
Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 7.0 | |
| debian_linux | eq | 6.0 | |
| drupal | ge | 7.0 | |
| drupal | lt | 7.27 | |
| drupal | ge | 6.0 | |
| drupal | lt | 6.31 |
Related
nessus
nessus
Drupal 7.x < 7.27 Forms API Information Disclosure
2014-04-21 00:00:00
Drupal 6.x < 6.31 Forms API Information Disclosure
2014-04-21 00:00:00
Debian DSA-2913-1 : drupal7 - security update
2014-04-27 00:00:00
osv
osv
drupal6 - security update
2014-04-25 00:00:00
drupal7 - security update
2014-04-25 00:00:00
debian
debian
[SECURITY] [DSA 2914-1] drupal6 security update
2014-04-25 20:18:01
[SECURITY] [DSA 2914-1] drupal6 security update
2014-04-25 20:18:01
[SECURITY] [DSA 2913-1] drupal7 security update
2014-04-25 20:17:56
openvas
openvas
Debian: Security Advisory (DSA-2913-1)
2014-04-24 00:00:00
Debian: Security Advisory (DSA-2914-1)
2014-04-24 00:00:00
Debian Security Advisory DSA 2913-1 (drupal7 - security update)
2014-04-25 00:00:00
drupal
drupal
SA-CORE-2014-002 - Drupal core - Information Disclosure
2014-04-16 00:00:00
cve
cve
CVE-2014-2983
2014-04-23 15:55:00
ubuntucve
ubuntucve
CVE-2014-2983
2014-04-23 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2914-1] drupal6 security update
2014-05-04 00:00:00
[SECURITY] [DSA 2913-1] drupal7 security update
2014-05-04 00:00:00
[ MDVSA-2015:181 ] drupal
2015-05-12 00:00:00
debiancve
debiancve
CVE-2014-2983
2014-04-23 15:55:00
mageia
mageia
Updated drupal packages fix security vulnerabilities
2014-08-07 21:01:33
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
56.7%
Related for PRION:CVE-2014-2983