CVE-2015-5509
Severity Score
6.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors.
Vulnerabilidad en el módulo Administration Views 7.x-1.x en versiones anteriores a 7.x-1.4 para Drupal, cuando se utiliza con otros módulos no especificados, no garantiza adecuadamente acceso a las páginas de administración, lo que permite a administradores remotos eludir las restricciones previstas a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-07-10 CVE Reserved
- 2015-08-18 CVE Published
- 2024-08-06 CVE Updated
- 2024-09-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/07/04/4 | Mailing List |
|
| http://www.securityfocus.com/bid/75278 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.drupal.org/node/2430043 | 2016-11-28 | |
| https://www.drupal.org/node/2507645 | 2016-11-28 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Administration Views Project Search vendor "Administration Views Project" | Administration Views Search vendor "Administration Views Project" for product "Administration Views" | 7.x-1.0 Search vendor "Administration Views Project" for product "Administration Views" and version "7.x-1.0" | drupal |
Affected
| ||||||
| Administration Views Project Search vendor "Administration Views Project" | Administration Views Search vendor "Administration Views Project" for product "Administration Views" | 7.x-1.0 Search vendor "Administration Views Project" for product "Administration Views" and version "7.x-1.0" | rc1, drupal |
Affected
| ||||||
| Administration Views Project Search vendor "Administration Views Project" | Administration Views Search vendor "Administration Views Project" for product "Administration Views" | 7.x-1.1 Search vendor "Administration Views Project" for product "Administration Views" and version "7.x-1.1" | drupal |
Affected
| ||||||
| Administration Views Project Search vendor "Administration Views Project" | Administration Views Search vendor "Administration Views Project" for product "Administration Views" | 7.x-1.2 Search vendor "Administration Views Project" for product "Administration Views" and version "7.x-1.2" | drupal |
Affected
| ||||||
| Administration Views Project Search vendor "Administration Views Project" | Administration Views Search vendor "Administration Views Project" for product "Administration Views" | 7.x-1.x Search vendor "Administration Views Project" for product "Administration Views" and version "7.x-1.x" | dev, drupal |
Affected
| ||||||