CVE-2005-1871
Published Jun 9, 2005
Last updated 8 years ago
Overview
- Description
- Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBFF99BC-5E1D-4ADA-8BE7-07F7761C972C"
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA805CAF-A678-43A9-932D-EE35DBCCA793"
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18331C39-0ACE-4651-9D9F-1533AAD7C58C"
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5093F703-13AA-4EEC-8659-C5EB29A54AA1"
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82317650-F136-446D-904D-354B4D26E91B"
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06A1ACAF-A468-43F0-9FAD-FA3D48363843"
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95DA206C-EF72-4379-9ED8-795FCAD0BE19"
}
],
"operator": "OR"
}
]
}
]