Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2687
HistoryJul 27, 2011 - 12:00 a.m.

CVE-2011-2687

2011-07-2700:00:00
ubuntu.com
ubuntu.com
17

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.2%

Drupal 7.x before 7.3 allows remote attackers to bypass intended
node_access restrictions via vectors related to a listing that shows nodes
but lacks a JOIN clause for the node table.

Notes

Author Note
sbeattie from upstream, only affects drupal7

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.2%

Related for UB:CVE-2011-2687