Lucene search

[email protected]CVE-2008-6160

HistoryFeb 18, 2009 - 4:30 p.m.

CVE-2008-6160

2009-02-1816:30:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-6160

sioc module

drupal

unauthorized access

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, does not properly implement menu and database APIs, which allows remote attackers to obtain usernames and read hashed emails and comments via unspecified vectors.

Affected configurations

NVD

Node

drupalsemantically_interconnected_online_communitiesRange≤5.x_1.0

drupalsemantically_interconnected_online_communitiesRange≤6.x_1.0

CPENameOperatorVersion
drupal:semantically_interconnected_online_communitiesdrupal semantically interconnected online communitiesle5.x_1.0
drupal:semantically_interconnected_online_communitiesdrupal semantically interconnected online communitiesle6.x_1.0

CPE	Name	Operator	Version
drupal:semantically_interconnected_online_communities	drupal semantically interconnected online communities	le	5.x_1.0
drupal:semantically_interconnected_online_communities	drupal semantically interconnected online communities	le	6.x_1.0

References

drupal.org/node/318749

secunia.com/advisories/32191

www.securityfocus.com/bid/31658

exchange.xforce.ibmcloud.com/vulnerabilities/45762

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Related for CVE-2008-6160

prion1 nvd1 cvelist1