Lucene search

[email protected]CVE-2012-1590

HistoryOct 01, 2012 - 12:55 a.m.

CVE-2012-1590

2012-10-0100:55:00

CWE-264

[email protected]

web.nvd.nist.gov

drupal

cve-2012-1590

security

nvd

information disclosure

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.

Affected configurations

NVD

Node

drupaldrupalMatch7.0

drupaldrupalMatch7.0alpha1

drupaldrupalMatch7.0alpha2

drupaldrupalMatch7.0alpha3

drupaldrupalMatch7.0alpha4

drupaldrupalMatch7.0alpha5

drupaldrupalMatch7.0alpha6

drupaldrupalMatch7.0alpha7

drupaldrupalMatch7.0beta1

drupaldrupalMatch7.0beta2

drupaldrupalMatch7.0beta3

drupaldrupalMatch7.0dev

drupaldrupalMatch7.0rc1

drupaldrupalMatch7.0rc2

drupaldrupalMatch7.0rc3

drupaldrupalMatch7.0rc4

drupaldrupalMatch7.1

drupaldrupalMatch7.2

drupaldrupalMatch7.3

drupaldrupalMatch7.4

drupaldrupalMatch7.5

drupaldrupalMatch7.6

drupaldrupalMatch7.7

drupaldrupalMatch7.8

drupaldrupalMatch7.9

drupaldrupalMatch7.10

drupaldrupalMatch7.11

drupaldrupalMatch7.12

drupaldrupalMatch7.13

drupaldrupalMatch7.x-dev

CPENameOperatorVersion
drupal:drupaldrupaleq7.0
drupal:drupaldrupaleq7.1
drupal:drupaldrupaleq7.2
drupal:drupaldrupaleq7.3
drupal:drupaldrupaleq7.4
drupal:drupaldrupaleq7.5
drupal:drupaldrupaleq7.6
drupal:drupaldrupaleq7.7
drupal:drupaldrupaleq7.8
drupal:drupaldrupaleq7.9

CPE	Name	Operator	Version
drupal:drupal	drupal	eq	7.0
drupal:drupal	drupal	eq	7.1
drupal:drupal	drupal	eq	7.2
drupal:drupal	drupal	eq	7.3
drupal:drupal	drupal	eq	7.4
drupal:drupal	drupal	eq	7.5
drupal:drupal	drupal	eq	7.6
drupal:drupal	drupal	eq	7.7
drupal:drupal	drupal	eq	7.8
drupal:drupal	drupal	eq	7.9