Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-2983
HistoryApr 23, 2014 - 12:00 a.m.

CVE-2014-2983

2014-04-2300:00:00
ubuntu.com
ubuntu.com
5

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.7%

Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the
cached data of different anonymous users, which allows remote anonymous
users to obtain sensitive interim form input information in opportunistic
situations via unspecified vectors.

Notes

Author Note
seth-arnold See Drupal’s advisory, changes to hosted applications may be necessary
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchdrupal7< anyUNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.7%

Related for UB:CVE-2014-2983