CVE-2012-5586
Published Dec 26, 2012
Last updated 12 years ago
Overview
- Description
- The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8709726B-3CC9-4149-8FFA-57ACB47E1232"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:alpha1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F8D4108-3D6C-4443-A27E-A0853A5398B5"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E59520DC-4B1D-4C78-846F-4A7E092C0B04"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0FF092C-EC93-4371-820B-3A25C0BEF666"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3149C6F6-9C91-4A8E-BEC0-B476D9B3CF1E"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB1E5589-AD4C-4535-B4E2-12665B8A6C45"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8705011-0A2A-43CD-8FA8-D09DE0DFB586"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68E4D950-4F4E-4323-B18B-EEFCDB8F5D54"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F75AD2A4-8CFB-4598-9D7B-C311731C49C8"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21599548-D154-4AC6-9700-2AD02281B097"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "990E06E3-3164-4A83-AAC0-64E39B02BD65"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D9B12B8-1A47-48CD-9439-842EC59C8560"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA3972A6-A0CC-4F61-A6FF-D0B8B5139559"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:6.x-3.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AF42B77-B1EB-4B06-941C-FC414568E0BC"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0401AB3-8CD3-4191-BD67-FDEF8AC389E7"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8F3E689-9099-4B52-A521-C9933CEC3A83"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF87F785-B660-4471-8525-8C38E4B1ED0D"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92E55B94-035B-4C95-844A-994FC9098DA8"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F178FBC3-11A0-4341-B930-7FD45F2E9391"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFC242C4-3283-4D6D-B69F-869E971D2102"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1A2F122-6D2C-42BC-8DA5-BBD19CE5FC5A"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57C52124-9EF2-448B-B768-A9CAAAF4F9A6"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.0:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35055934-F01E-44DF-906B-B0B23BDBE9EA"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82C2C7C6-AE59-4BCF-8296-591D6DBFD907"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "840E97FC-3BA3-43C9-AB0B-49267D75F529"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41060BF1-EFD1-449D-8D41-C6B898058DFE"
},
{
"criteria": "cpe:2.3:a:marc_ingram:services:7.x-3.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32EBEE31-40E3-40A2-8FCB-EF726A1451EA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]