CVE-2015-7875

Published Aug 7, 2017
Last updated 7 years ago
CVSS high 7.5
Overview

Description: ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-264
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "707AD226-1D2E-46B5-9626-FDD99A5F7EEC"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5B9EF92-78B1-44DE-83C5-068199E0EE44"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha2:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C05A815-09CB-4201-8345-89AE530D9925"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha3:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "492C9CF3-A6D8-4BC2-B9CE-6575BEF6C490"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C89BFC4-CBFE-40D0-AF4B-D18750F8F83E"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta2:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7158E609-D504-4938-9651-2A782D319838"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta3:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CF31BF7-3BD2-4EA1-BEA1-C73E5AAD6779"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta4:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9EFC7E5-F1D7-4EB3-B185-A7CFDA961261"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:rc1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA34F407-47D1-4F39-B26A-84FCD05EE6ED"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.1:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B3D4721-7320-423F-8E76-07E4D2E7F6DD"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.2:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58C0D287-58A4-4C8D-9042-29042FA412F7"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.3:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE51E707-6ABD-431C-B3B7-89D514BFFC84"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.4:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDC0B3F6-DF07-4E0A-8F37-3261AD144E6A"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.5:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "599655AB-52D9-47E8-B388-CFB4F75DB8D1"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.6:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7450146-5D5D-4681-99F1-2952AB0855B4"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.7:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43E0AAD2-2937-4389-BF5E-A63A33723F1A"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.8:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82843F45-7863-4D43-AAC6-E807356D16A5"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.9:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "754DAD0C-555C-41E8-8384-CD5A21442992"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.11:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77BC1FBB-7D2A-4651-B9AA-E34DBBAA8B59"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.12:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "081EC9A4-A303-41B7-85AD-2B63D19F6D3D"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.13:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC29EF2B-3E16-4808-89FA-DE57DBCEAEBA"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.x:dev:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4437675C-D86D-4903-9641-3AA3D28BD9F2"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FA4E46D-F7D9-448D-B971-D8EE786EB3AC"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:alpha1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03BCA1E8-4733-4653-BA48-EEB373DFE218"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:alpha2:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A481BBC-B7DE-4AB7-A582-85E02ADFCAEE"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:alpha3:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00DBF5CE-D194-4446-80C8-C332AD02E50E"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:alpha4:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16B9EAD7-E9A4-451D-9A23-E9372C239322"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:beta1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAD3327C-8619-4A96-B9C9-FFB4F374492C"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:rc1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62E855A8-381E-471B-AD3F-811DA35DAAE3"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0:rc2:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5055F95-FEC4-4C14-8DD6-AD535FBCD401"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.1:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFA33F20-D932-42F3-84B0-9E55645D64D6"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.2:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F56B3706-6AF5-42C9-A565-882AE03ADA9D"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.3:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7683107F-23E1-4220-91FA-CFCDD2129AE1"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.4:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "698747A0-461D-409B-B9DE-9059CCF81AA8"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.5:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05D4A651-2FFE-42D1-8412-4C3C4098995F"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.6:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF5CE8CA-69E1-465A-9F16-C96FB1E0F564"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.6:rc1:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6B28B89-76C3-4407-84EF-48CBF6FBD783"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.7:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67F3EE9A-42F2-47EB-8E1F-666AFDFC3A6E"
          },
          {
            "criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.x:dev:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6792E424-EA0A-4341-91E6-9C14446B6FCF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
