CVE-2012-2302
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors.
El módulo para Drupal Site Documentation (Sitedoc) no comprueba correctamente la ubicación de almacenamiento al comprimir, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-04-19 CVE Reserved
- 2012-07-25 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://drupal.org/node/1546224 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2012/05/03/1 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2012/05/03/2 | Mailing List |
|
| http://www.osvdb.org/81555 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://drupalcode.org/project/sitedoc.git/commitdiff/521721c | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://drupal.org/node/1547686 | 2012-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.0 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.0 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.0" | beta1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.0 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.0" | beta2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.0 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.0" | rc4 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.1 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.2 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.3 Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.3" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Nancy Wichmann Search vendor "Nancy Wichmann" | Sitedoc Search vendor "Nancy Wichmann" for product "Sitedoc" | 6.x-1.x Search vendor "Nancy Wichmann" for product "Sitedoc" and version "6.x-1.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|