Lucene search
Ubuntu.comUB:CVE-2013-7068HistoryApr 29, 2014 - 12:00 a.m.
CVE-2013-7068
2014-04-2900:00:00
ubuntu.com
ubuntu.com
6
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
50.2%
The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows
remote authenticated users to bypass group restrictions on nodes with all
groups set to optional input via an empty group field.
Notes
| Author | Note |
|---|---|
| leosilva | Drupal core is not affected. If you do not use the contributed Organic groups module, there is nothing you need to do. If you use the Organic Groups module for Drupal 7.x, upgrade to og 7.x-2.4 |
Related
cvelist
cvelist
CVE-2013-7068
2014-04-29 14:00:00
prion
prion
Input validation
2014-04-29 14:38:00
cve
cve
CVE-2013-7068
2014-04-29 14:38:43
nvd
nvd
CVE-2013-7068
2014-04-29 14:38:43
drupal
drupal
SA-CONTRIB-2013-095 - Organic Groups - Access bypass
2013-11-20 00:00:00
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
50.2%
Related for UB:CVE-2013-7068