3.5

CVE-2012-4500

The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unspecified impact.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Nancy WichmannAnnouncements Version6.x-1.0
   DrupalDrupal Version-
Nancy WichmannAnnouncements Version6.x-1.0 Updatebeta
   DrupalDrupal Version-
Nancy WichmannAnnouncements Version6.x-1.1
   DrupalDrupal Version-
Nancy WichmannAnnouncements Version6.x-1.2
   DrupalDrupal Version-
Nancy WichmannAnnouncements Version6.x-1.3
   DrupalDrupal Version-
Nancy WichmannAnnouncements Version6.x-1.4
   DrupalDrupal Version-
Nancy WichmannAnnouncements Version6.x-1.x Updatedev
   DrupalDrupal Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.492
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:P/A:N
http://drupal.org/node/1762480
Patch
Vendor Advisory