CVE-2015-7227

Published Sep 17, 2015

Last updated 9 years ago

Overview

Description: The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.0:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7E5D01E-2496-43EF-9149-C75087E6DDB6"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.0:beta2:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66FADF9E-7ADC-40F3-B59F-D2796E033537"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.1:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB221FA2-328D-4E24-A066-46B20E233BD2"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.2:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B5540A2-745E-4E3B-87C1-8307ADFE1718"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.3:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "121C4EFD-A256-4AB3-9369-10A62C53721F"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.4:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69F46207-05A1-4A42-986E-EFBD781AF63F"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.5:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28D0A958-2670-4859-8867-0719BD26A34B"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.6:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2D8C9D1-4283-4C3F-AF5F-B8AC8BD0C952"
          },
          {
            "criteria": "cpe:2.3:a:fieldable_panels_panes_project:fieldable_panels_panes:7.x-1.x:dev:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2059605A-B3C2-4287-A298-64ABC503E4C3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References