CVE-2015-7305

Published Sep 21, 2015

Last updated 9 years ago

CVSS info 5.0

Overview

Description: The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a "debug context."
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43ECEEF8-BE21-4C57-A202-95A2BE9AAC18"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:alpha1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E9CBB87-D50F-4DFB-A873-21C58DF9E077"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:alpha2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B54DE0B9-50E6-4EAF-A198-FF11773BEA09"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "460DEDB3-3F7F-48C9-8844-FAA69C2C2A14"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9946E090-EC90-41AB-9D98-518E63AF30E9"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F3B7FF1-D92D-4805-AFD0-FD667A3515F8"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD9E8499-B0F0-4150-A66D-FF2CD9DF3CE9"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4E8B814-46A8-4D92-8805-A39D43CD344F"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAAAA1AA-1B05-498A-8401-B019E50FFE9D"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "133F6690-22CB-4536-8D09-54D7E0EB31E6"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.0:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA3A7DF9-31B2-47BA-9BA3-ECACDB1A0B0F"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D627DC0E-D4C5-46ED-92E9-912C7F307D45"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39CC49A1-2C55-4CEB-BA4A-CFE23212D693"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA1622A5-E203-4B08-A7E4-4705E7DB3A69"
          },
          {
            "criteria": "cpe:2.3:a:ows:scald:7.x-1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "380108A6-8920-4014-ABEC-F5E24A6FA76A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References