CVE-2014-5179

Sažetak

The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.

Reference

http://www.securityfocus.com/bid/68861
https://exchange.xforce.ibmcloud.com/vulnerabilities/94870
https://www.drupal.org/node/2308503

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

08-09-2017 - 01:29

Objavljeno

06-08-2014 - 18:55