CVE-2012-5586
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."
El módulo Services v6.x-3.x antes de v6.x-3.3 y v7.x-3.x antes de v7.x-3.3 para Drupal permite a usuarios remotos autenticados con el permiso de "acceso a perfiles de usuario" para acceder a correos electrónicos de usuarios de su elección a través de vectores relacionados con el "método del índice de usuario" y "la ruta de acceso al recurso de usuario".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-10-24 CVE Reserved
- 2012-12-26 CVE Published
- 2023-11-16 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/11/29/2 | Mailing List |
|
| http://www.securityfocus.com/bid/56723 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://drupal.org/node/1842022 | 2013-02-26 | |
| http://drupal.org/node/1842026 | 2013-02-26 | |
| http://drupal.org/node/1853200 | 2013-02-26 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | alpha1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | beta1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | beta2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | rc1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | rc2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | rc3 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | rc4 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | unstable1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | unstable2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.0" | unstable3 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.1 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.2 Search vendor "Marc Ingram" for product "Services" and version "6.x-3.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 6.x-3.x Search vendor "Marc Ingram" for product "Services" and version "6.x-3.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | beta1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | beta2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | rc1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | rc2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | rc3 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | rc4 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | rc5 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.0 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.0" | rc6 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.1 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.2 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.3 Search vendor "Marc Ingram" for product "Services" and version "7.x-3.3" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Marc Ingram Search vendor "Marc Ingram" | Services Search vendor "Marc Ingram" for product "Services" | 7.x-3.x Search vendor "Marc Ingram" for product "Services" and version "7.x-3.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|