CVE-2013-2247
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to the modal content callback, which allows remote attackers to obtain unspecified access to the permissions edit form.
El módulo Fast Permissions Administration v6.x-2.x anterior a v6.x-2.5 y v7.x-2.x anterior a v7.x-2.3 para Drupal no restringe adecuadamente el acceso a la función de llamada de modelo de contenidos lo que permite a atacantes remotos obtener acceso no especificado en el formulario de edición permisos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-02-19 CVE Reserved
- 2013-08-28 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/07/06/3 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://drupal.org/node/2028417 | 2013-10-07 | |
| https://drupal.org/node/2028421 | 2013-10-07 |
| URL | Date | SRC |
|---|---|---|
| https://drupal.org/node/2028813 | 2013-10-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 6.x-2.0 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "6.x-2.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 6.x-2.1 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "6.x-2.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 6.x-2.2 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "6.x-2.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 6.x-2.3 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "6.x-2.3" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 6.x-2.4 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "6.x-2.4" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 6.x-2.x Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "6.x-2.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 7.x-2.0 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "7.x-2.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 7.x-2.1 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "7.x-2.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 7.x-2.2 Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "7.x-2.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
| Fast Permissions Administration Project Search vendor "Fast Permissions Administration Project" | Fast Permission Administration Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" | 7.x-2.x Search vendor "Fast Permissions Administration Project" for product "Fast Permission Administration" and version "7.x-2.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|