CVE-2012-1590

Exploit

EPSS 0.28%
Veröffentlicht 01.10.2012 00:55:00
Zuletzt bearbeitet 29.04.2026 01:13:23
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

NVD 30 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Drupal ≫ Drupal Version7.0

Drupal ≫ Drupal Version7.0 Updatealpha1

Drupal ≫ Drupal Version7.0 Updatealpha2

Drupal ≫ Drupal Version7.0 Updatealpha3

Drupal ≫ Drupal Version7.0 Updatealpha4

Drupal ≫ Drupal Version7.0 Updatealpha5

Drupal ≫ Drupal Version7.0 Updatealpha6

Drupal ≫ Drupal Version7.0 Updatealpha7

Drupal ≫ Drupal Version7.0 Updatebeta1

Drupal ≫ Drupal Version7.0 Updatebeta2

Drupal ≫ Drupal Version7.0 Updatebeta3

Drupal ≫ Drupal Version7.0 Updatedev

Drupal ≫ Drupal Version7.0 Updaterc1

Drupal ≫ Drupal Version7.0 Updaterc2

Drupal ≫ Drupal Version7.0 Updaterc3

Drupal ≫ Drupal Version7.0 Updaterc4

Drupal ≫ Drupal Version7.1

Drupal ≫ Drupal Version7.2

Drupal ≫ Drupal Version7.3

Drupal ≫ Drupal Version7.4

Drupal ≫ Drupal Version7.5

Drupal ≫ Drupal Version7.6

Drupal ≫ Drupal Version7.7

Drupal ≫ Drupal Version7.8

Drupal ≫ Drupal Version7.9

Drupal ≫ Drupal Version7.10

Drupal ≫ Drupal Version7.11

Drupal ≫ Drupal Version7.12

Drupal ≫ Drupal Version7.13

Drupal ≫ Drupal Version7.x-dev

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.28%	0.511

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://drupal.org/node/1557938

Vendor Advisory

http://secunia.com/advisories/49012

http://www.mandriva.com/security/advisories?name=MDVSA-2013:074

http://drupal.org/drupal-7.14

Vendor Advisory

http://drupal.org/node/1302404

Patch

http://drupalcode.org/project/drupal.git/commit/352645e4a636cadeb5576231b3547972eebdd8e5

Exploit

http://www.securityfocus.com/bid/53359

https://nvd.nist.gov/vuln/detail/CVE-2012-1590

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1590

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1590

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2012-1590