Lucene search
RootSSV:92989HistoryApr 21, 2017 - 12:00 a.m.
Drupal Core - Access Bypass vulnerability (CVE-2017-6919)
2017-04-2100:00:00
Root
www.seebug.org
33
0.003 Low
EPSS
Percentile
65.2%
This is a critical access bypass vulnerability. A site is only affected by this if all of the following conditions are met:
- The site has the RESTful Web Services (
rest) module enabled. - The site allows
PATCHrequests. - An attacker can get or register a user account on the site.
While we don’t normally provide security releases for unsupported minor releases, given the potential severity of this issue, we have also provided an 8.2.x release to ensure that sites that have not had a chance to update to 8.3.0 can update safely.
Related
nessus
nessus
Fedora 24 : drupal8 (2017-e8767a2fbb)
2017-05-02 00:00:00
FreeBSD : drupal8 -- Drupal Core - Critical - Access Bypass (1455c86c-26c2-11e7-9daa-6cf0497db129)
2017-04-24 00:00:00
Fedora 25 : drupal8 (2017-041473e742)
2017-05-02 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: drupal8-8.3.1-1.fc25
2017-05-02 02:03:47
[SECURITY] Fedora 24 Update: drupal8-8.3.1-1.fc24
2017-05-02 00:25:00
[SECURITY] Fedora 26 Update: drupal8-8.3.1-1.fc26
2017-04-27 20:56:56
veracode
veracode
Access Bypass
2017-05-24 06:52:26
osv
osv
Drupal access control bypass vulnerability
2022-05-13 01:46:49
CVE-2017-6919
2017-04-20 02:59:00
prion
prion
Design/Logic Flaw
2017-04-20 02:59:00
freebsd
freebsd
drupal8 -- Drupal Core - Critical - Access Bypass
2017-04-19 00:00:00
openvas
openvas
Fedora Update for drupal8 FEDORA-2017-e8767a2fbb
2017-05-03 00:00:00
Fedora Update for drupal8 FEDORA-2017-041473e742
2017-05-03 00:00:00
Drupal Core Access Bypass Vulnerability (SA-CORE-2017-002)
2017-04-20 00:00:00
ubuntucve
ubuntucve
CVE-2017-6919
2017-04-20 00:00:00
cve
cve
CVE-2017-6919
2017-04-20 02:59:00