CVE-2012-5589
Published Dec 26, 2012
Last updated 12 years ago
Overview
- Description
- The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal does not properly check node permissions when generating an in-content link, which allows remote authenticated users with text-editing permissions to read arbitrary node titles via a generated link.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7FF857D7-46F4-43FB-8786-201C31C2D91B"
},
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A71AE2B4-776E-4B3D-92D4-CE6270897F26"
},
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FBD30DC-0A63-4E3E-8906-A379A0A265C1"
},
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A296E283-9561-4CAE-A831-FBD2070E4235"
},
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E10D4DC2-FB36-4037-9C03-1F8E4BD71D5B"
},
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6C0D54E-792F-450A-9D19-1B5C66996064"
},
{
"criteria": "cpe:2.3:a:netgenius:multilink:6.x-2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C50BF43C-418F-4DB1-ACF1-25E21ADD5CDE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netgenius:multilink:7.x-2.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C13FD4C-AEA6-4B0F-9B1A-B8585A379E28"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]