CVE-2012-1057
Published Feb 14, 2012
Last updated 7 years ago
Overview
- Description
- Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node rankings via the tracking code, possibly related to improper "flood control."
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 6.4
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "591EF0E9-CCA3-4996-AB5B-5E9C3B4D4571"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A3EE2BE-49DC-4573-AB55-3D0E80F2F70D"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "310173CA-5639-4270-9134-A18EB3DD551D"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "533B6B8A-BE5E-4D19-AA1A-2B5C887C5BEE"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B2B21E2-17B5-45EB-8A4F-FCC63EF0668C"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C049D3E3-D4EA-4AE3-BED2-A63F3EEDA7F0"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BC8677D-28BD-42C8-A469-0070FD141BDF"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D0307CD-9507-4FA2-8294-642688287717"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6D66470-7133-4380-AC55-EE15C51F72D3"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "000C51E5-4CE6-4839-BA93-4FFDD2EDCEDB"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3989A71-9188-4FCF-828B-04DE4ABA1FFA"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3A004DD-9852-4594-AAED-6A837971B606"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "639D6DD6-166D-453E-82BD-9015D4A8B9A6"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECBB54D3-94AF-4D47-853A-9E047950D84C"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "215024FE-1D6C-4220-A34D-3CB3E356C917"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54594F8E-8B3F-40B8-89A3-D974CB39CC65"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "825510E4-F63E-4E2C-BAF2-20A59ECA2EF3"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFCBEB31-6E98-4BBE-878A-441F5BCAEAC2"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31E3EB43-5550-4A59-B941-450934EAC037"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AC1DAAB-7B6F-4CA1-A37B-7EC749E56BA4"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1228050-F0DE-4493-A976-4EFC12E4A05B"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.x-dev:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC598C74-9D35-43EA-A74E-77605C4CEA9A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63E6DB82-17BC-4F6B-AAF0-40054563E6A0"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:alpha1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39F9DB1E-AA37-49AE-80BD-DA0F0BE242DF"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:alpha2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FAAB6A6-4844-41AA-AB5E-0DC94FCE43BF"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:alpha3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CBCB70F-ED6D-489F-8AE7-EA96CDA4DEA1"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39881745-9EF8-44E7-8EBC-D99D7600D6F3"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A662BB80-197A-4A5B-B25F-1FBBC01AAF4D"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD9CED5B-9A11-497C-B426-EBAF9BB30466"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "925866B3-0DF1-4B0B-8086-B7A72D317DBC"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A430208-187A-4BD7-BE60-4AC7819322F3"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8E02D86-E313-407D-8951-89E10AE6B6EA"
},
{
"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.x-dev:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66A7EE37-458E-4150-A779-92F58079B23A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]