CVE-2008-1731
Last modified
CVE-2008-1731 is a vulnerability of currently unknown severity. The Simple Access module for Drupal 5.x through 5.x-1.2-2 does not properly handle the privacy information for nodes, which might allow remote attackers to bypass intended access restrictions, and read or modify nodes, in opportunistic circumstances related to interaction between Simple Access and (1) Node clone or (2) Project issue tracking.. EPSS estimates a 1.60% chance of exploitation in the next 30 days.
Description
The Simple Access module for Drupal 5.x through 5.x-1.2-2 does not properly handle the privacy information for nodes, which might allow remote attackers to bypass intended access restrictions, and read or modify nodes, in opportunistic circumstances related to interaction between Simple Access and (1) Node clone or (2) Project issue tracking.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| 3281d | Simple Access | 5.x-1.0 |
| 3281d | Simple Access | 5.x-1.0-beta1 |
| 3281d | Simple Access | 5.x-1.1 |
| 3281d | Simple Access | 5.x-1.2 |
| 3281d | Simple Access | 5.x-1.2-1 |
| 3281d | Simple Access | 5.x-1.x-dev |
References
- http://drupal.org/node/244560Patch, Vendor Advisory
- http://secunia.com/advisories/29772Vendor Advisory
- http://drupal.org/node/244560Patch, Vendor Advisory
- http://secunia.com/advisories/29772Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-1731?
How severe is CVE-2008-1731?
How do I fix CVE-2008-1731?
Are you affected by CVE-2008-1731?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST