CVE-2012-4500
Published Oct 31, 2012
Last updated 12 years ago
Overview
- Description
- The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unspecified impact.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "478ED655-ED44-4EA4-92AE-5DFBCFBC5996"
},
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.0:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C967C608-6B0E-4774-8A33-7D29AB4530C4"
},
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA81044A-CAB0-4A25-A02E-A410A17FA74C"
},
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "030E5319-C3B8-4F58-8C25-F88F94CD37F7"
},
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1CF5B5E-FF63-4155-8BDE-AE486B994223"
},
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9226D17-9207-4F0B-ADE4-21721786E50A"
},
{
"criteria": "cpe:2.3:a:nancy_wichmann:announcements:6.x-1.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3666C0AA-E5E5-4E04-B541-45B8057B1401"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]