CVE-2015-5512
Published Aug 18, 2015
Last updated 8 years ago
Overview
- Description
- The me aliases module 6.x-2.x before 6.x-2.10 and 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to access Views using the "me" user argument handler by substituting "me" for a user id in a URL.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-284
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.0:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "6F189EC0-DBF2-447C-A4BB-AE627DCB9B68" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.1:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "D9BF2147-D2A9-44A4-9B03-BF06F1E9CEF7" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.2:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "08696759-3D97-4E68-A041-A36478918D00" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.3:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "FF1C4CFB-C69C-44C8-A0DC-13EC191B6E53" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.4:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "4A6CE0FD-5FDF-4431-922F-4766B0934BB3" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.5:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "C3A3EAE1-13DC-4E9E-8463-3DAA046D9775" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.6:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "08D0C466-8FCC-45E4-A519-ABB71D18D567" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.7:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "EF6B5FD0-8ED9-4391-BBDF-A1ECEFBA2286" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.8:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "A0E8293A-3450-4CBD-8B79-BC703E2AA6FD" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:6.x-2.9:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "0E824A40-A314-4A4C-85D9-6D434E48FC61" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:7.x-1.0:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "80140322-A0F6-4195-9EA5-3C8A2083CAAE" }, { "criteria": "cpe:2.3:a:me_aliases_project:me_aliases:7.x-1.1:*:*:*:*:drupal:*:*", "vulnerable": true, "matchCriteriaId": "68C5D992-A321-4174-8000-CEFC1AFC4817" } ], "operator": "OR" } ] } ]