Lucene search

[email protected]CVE-2012-5652

HistoryJan 03, 2013 - 1:55 a.m.

CVE-2012-5652

2013-01-0301:55:03

CWE-200

[email protected]

web.nvd.nist.gov

cve-2012-5652

drupal

information disclosure

rss feed

search result

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.8%

JSON

Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.

Affected configurations

NVD

Node

drupaldrupalMatch6.0

drupaldrupalMatch6.0beta1

drupaldrupalMatch6.0beta2

drupaldrupalMatch6.0beta3

drupaldrupalMatch6.0beta4

drupaldrupalMatch6.0dev

drupaldrupalMatch6.0rc1

drupaldrupalMatch6.0rc2

drupaldrupalMatch6.0rc3

drupaldrupalMatch6.0rc4

drupaldrupalMatch6.1

drupaldrupalMatch6.2

drupaldrupalMatch6.3

drupaldrupalMatch6.4

drupaldrupalMatch6.5

drupaldrupalMatch6.6

drupaldrupalMatch6.7

drupaldrupalMatch6.8

drupaldrupalMatch6.9

drupaldrupalMatch6.10

drupaldrupalMatch6.11

drupaldrupalMatch6.12

drupaldrupalMatch6.13

drupaldrupalMatch6.14

drupaldrupalMatch6.15

drupaldrupalMatch6.16

drupaldrupalMatch6.17

drupaldrupalMatch6.18

drupaldrupalMatch6.19

drupaldrupalMatch6.20

drupaldrupalMatch6.21

drupaldrupalMatch6.22

drupaldrupalMatch6.23

drupaldrupalMatch6.24

drupaldrupalMatch6.25

drupaldrupalMatch6.26

CPENameOperatorVersion
drupal:drupaldrupaleq6.0
drupal:drupaldrupaleq6.1
drupal:drupaldrupaleq6.2
drupal:drupaldrupaleq6.3
drupal:drupaldrupaleq6.4
drupal:drupaldrupaleq6.5
drupal:drupaldrupaleq6.6
drupal:drupaldrupaleq6.7
drupal:drupaldrupaleq6.8
drupal:drupaldrupaleq6.9

CPE	Name	Operator	Version
drupal:drupal	drupal	eq	6.0
drupal:drupal	drupal	eq	6.1
drupal:drupal	drupal	eq	6.2
drupal:drupal	drupal	eq	6.3
drupal:drupal	drupal	eq	6.4
drupal:drupal	drupal	eq	6.5
drupal:drupal	drupal	eq	6.6
drupal:drupal	drupal	eq	6.7
drupal:drupal	drupal	eq	6.8
drupal:drupal	drupal	eq	6.9