Lucene search
HistoryOct 29, 2008 - 3:31 p.m.
CVE-2008-4791
drupal
cve-2008-4791
user module
remote authentication
security vulnerability
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
60.8%
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.
Affected configurations
Node
drupaldrupalRange5.0–5.11
ORdrupaldrupalRange6.0–6.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| drupal:drupal | drupal | lt | 5.11 |
| drupal:drupal | drupal | lt | 6.5 |
Related
prion
prion
Design/Logic Flaw
2008-10-29 15:31:00
ubuntucve
ubuntucve
CVE-2008-4791
2008-10-29 00:00:00
cvelist
cvelist
CVE-2008-4791
2008-10-29 15:00:00
nvd
nvd
CVE-2008-4791
2008-10-29 15:31:35
openvas
openvas
FreeBSD Ports: drupal5
2008-11-01 00:00:00
FreeBSD Ports: drupal5
2008-11-01 00:00:00
Drupal Core Multiple Vulnerabilities
2008-11-04 00:00:00
nessus
nessus
FreeBSD : drupal -- multiple vulnerabilities (12efc567-9879-11dd-a5e7-0030843d3802)
2008-10-13 00:00:00
Drupal 5.x < 5.11 / 6.x < 6.5 Multiple Vulnerabilities (SA-2008-060)
2020-03-30 00:00:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2008-10-08 00:00:00
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
60.8%
Related for CVE-2008-4791