CVE-2015-7305

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a "debug context."

Vulnerabilidad en el módulo Scald 7.x-1.x en versiones anteriores a 7.x-1.5 para Drupal, no restringe adecuadamente el acceso a los campos, lo que permite a atacantes remotos obtener información sensible de la propiedad atom a través de vectores que involucran un 'debug context'.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-09-21 CVE Reserved
2015-09-21 CVE Published
2024-09-16 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://www.drupal.org/node/2569621	2015-09-23
https://www.drupal.org/node/2569631	2015-09-23

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		-		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		alpha1		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		alpha2		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		beta1		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		beta2		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		beta3		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		beta4		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		rc1		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		rc2		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		rc3		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.0 Search vendor "Ows" for product "Scald" and version "7.x-1.0"		rc4		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.1 Search vendor "Ows" for product "Scald" and version "7.x-1.1"		-		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.2 Search vendor "Ows" for product "Scald" and version "7.x-1.2"		-		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.3 Search vendor "Ows" for product "Scald" and version "7.x-1.3"		-		Affected
Ows Search vendor "Ows"		Scald Search vendor "Ows" for product "Scald"				7.x-1.4 Search vendor "Ows" for product "Scald" and version "7.x-1.4"		-		Affected