CVE-2012-2730
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions.
El módulo Protected Node v6.x-1.x anterior a v6.x-1.6 para Drupal no protege de forma adecuada el acceso al nodo protegido cuando se accede a los nodos desde una vista que no es la estándar, lo que permitiría a atacantes remotos a evitar las restricciones de acceso impuestas.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-06-27 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/06/14/3 | Mailing List |
|
| http://www.osvdb.org/82984 | Vdb Entry | |
| http://www.securityfocus.com/bid/54001 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/76291 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://drupal.org/node/1258034 | 2017-08-29 | |
| http://drupal.org/node/1632918 | 2017-08-29 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/49509 | 2017-08-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Alexis Wilke Search vendor "Alexis Wilke" | Protected Node Search vendor "Alexis Wilke" for product "Protected Node" | 6.x-1.0 Search vendor "Alexis Wilke" for product "Protected Node" and version "6.x-1.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Alexis Wilke Search vendor "Alexis Wilke" | Protected Node Search vendor "Alexis Wilke" for product "Protected Node" | 6.x-1.2 Search vendor "Alexis Wilke" for product "Protected Node" and version "6.x-1.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Alexis Wilke Search vendor "Alexis Wilke" | Protected Node Search vendor "Alexis Wilke" for product "Protected Node" | 6.x-1.3 Search vendor "Alexis Wilke" for product "Protected Node" and version "6.x-1.3" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Alexis Wilke Search vendor "Alexis Wilke" | Protected Node Search vendor "Alexis Wilke" for product "Protected Node" | 6.x-1.4 Search vendor "Alexis Wilke" for product "Protected Node" and version "6.x-1.4" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Alexis Wilke Search vendor "Alexis Wilke" | Protected Node Search vendor "Alexis Wilke" for product "Protected Node" | 6.x-1.5 Search vendor "Alexis Wilke" for product "Protected Node" and version "6.x-1.5" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Alexis Wilke Search vendor "Alexis Wilke" | Protected Node Search vendor "Alexis Wilke" for product "Protected Node" | 6.x-1.x Search vendor "Alexis Wilke" for product "Protected Node" and version "6.x-1.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|