4.3
CVE-2013-2197
- EPSS 0.56%
- Veröffentlicht 28.08.2013 22:55:05
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service (CPU consumption) via a large number of failed login attempts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Login Security Project ≫ Login Security Version6.x-1.0
Login Security Project ≫ Login Security Version6.x-1.0 Updatebeta1
Login Security Project ≫ Login Security Version6.x-1.0 Updaterc1
Login Security Project ≫ Login Security Version6.x-1.1
Login Security Project ≫ Login Security Version6.x-1.2
Login Security Project ≫ Login Security Version6.x-1.3
Login Security Project ≫ Login Security Version6.x-1.x Updatedev
Login Security Project ≫ Login Security Version7.x-1.0
Login Security Project ≫ Login Security Version7.x-1.1
Login Security Project ≫ Login Security Version7.x-1.2
Login Security Project ≫ Login Security Version7.x-1.x Updatedev
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.56% | 0.657 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.