CVE-2006-5476

Published Oct 24, 2006

Last updated 6 years ago

CVSS info 7.5

Overview

Description: Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95DA206C-EF72-4379-9ED8-795FCAD0BE19"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC5ACB7E-0CEB-4417-839A-8B06615FC981"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35BD7D35-AA9D-4589-A6BC-6D34219B7128"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "611B9D43-CE88-4451-A27C-7F6F24016B4F"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD1A7208-6273-4CC6-AB7B-DA855EEF2729"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83457EB5-BA6B-4ECB-8CB2-A10989B3A9F9"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A92C9C-18DD-4FF7-A95D-72EE72C83C0E"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DC016B5-A4C2-4A78-B830-C041C8BAAD76"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35B99C22-9A8C-43F3-9AD8-D901D07D5FCD"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB94DAC5-F0E1-4427-98E4-A5684BF3F408"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94D0FD99-066F-4161-9524-01DD01F31527"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79F8FEEF-6857-4DC8-9D0D-76D801D0E914"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61EC4ECE-6719-4C54-B150-017ACB32E644"
          },
          {
            "criteria": "cpe:2.3:a:drupal:drupal:4.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D5368BD-60AC-49E7-80D4-A5B317319A31"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References