CVE-2012-2702
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal does not properly check access for product keys, which allows remote attackers to read all unassigned product keys via certain conditions related to the uid.
El módulo Ubercart Product Keys v6.x-1.x anterior a v6.x-1.1 para Drupal no comprueba correctamente el acceso a las claves, lo que permite a atacantes remotos leer todas las claves del producto no asignadas a través de ciertas condiciones relacionadas con el uid.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-06-27 CVE Published
- 2023-03-14 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/82005 | Vdb Entry | |
| http://secunia.com/advisories/49169 | Third Party Advisory | |
| http://www.openwall.com/lists/oss-security/2012/06/14/3 | Mailing List |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75720 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://drupalcode.org/project/uc_product_keys.git/commitdiff/19fa261 | 2024-08-06 |
| URL | Date | SRC |
|---|---|---|
| http://drupal.org/node/1580752 | 2017-08-29 | |
| http://drupal.org/node/1585532 | 2017-08-29 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | alpha1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | alpha2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | alpha3 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | beta1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | rc1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Tony Freixas Search vendor "Tony Freixas" | Ubercart Product Keys Search vendor "Tony Freixas" for product "Ubercart Product Keys" | 6.x-1.0 Search vendor "Tony Freixas" for product "Ubercart Product Keys" and version "6.x-1.0" | rc2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|