5
CVE-2012-4475
- EPSS 1.33%
- Veröffentlicht 30.11.2012 22:55:01
- Zuletzt bearbeitet 16.06.2026 23:45:10
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1 does not properly restrict access, which allows remote attackers to edit an arbitrary user's questions and answers via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Security Questions Project ≫ Security Questions Version6.x-1.0
Security Questions Project ≫ Security Questions Version6.x-1.x Updatedev
Security Questions Project ≫ Security Questions Version7.x-1.0
Security Questions Project ≫ Security Questions Version7.x-1.x Updatedev
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.33% | 0.674 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://www.openwall.com/lists/oss-security/2012/10/04/3
http://drupal.org/node/1648200
http://drupal.org/node/1648204
http://drupal.org/node/1679532