3.5
CVE-2012-4500
- EPSS 0.99%
- Veröffentlicht 31.10.2012 16:55:03
- Zuletzt bearbeitet 16.06.2026 23:45:12
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unspecified impact.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Nancy Wichmann ≫ Announcements Version6.x-1.0
Nancy Wichmann ≫ Announcements Version6.x-1.0 Updatebeta
Nancy Wichmann ≫ Announcements Version6.x-1.1
Nancy Wichmann ≫ Announcements Version6.x-1.2
Nancy Wichmann ≫ Announcements Version6.x-1.3
Nancy Wichmann ≫ Announcements Version6.x-1.4
Nancy Wichmann ≫ Announcements Version6.x-1.x Updatedev
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.99% | 0.58 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:N/I:P/A:N
|
http://www.openwall.com/lists/oss-security/2012/10/04/6
http://www.openwall.com/lists/oss-security/2012/10/07/1
http://drupal.org/node/1761038
http://drupal.org/node/1762480
http://www.securityfocus.com/bid/55283