Lucene search
HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-2035
drupal
services
cve-2009-2035
nvd
access control
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.6%
Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors.
Affected configurations
Node
drupalservices_module_for_drupalRange≤6.x-0.13
ORdrupalservices_module_for_drupalMatch6.x-0.12
Related
prion
prion
Code injection
2009-06-12 18:00:00
nvd
nvd
CVE-2009-2035
2009-06-12 18:00:00
cvelist
cvelist
CVE-2009-2035
2022-10-03 16:24:08
nessus
nessus
Drupal SA-CONTRIB-2009-036: Services Module Key-Based Access Bypass
2009-06-11 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.6%
Related for CVE-2009-2035