Lucene search

[email protected]CVE-2013-4501

HistoryMay 13, 2014 - 3:55 p.m.

CVE-2013-4501

2014-05-1315:55:04

CWE-264

[email protected]

web.nvd.nist.gov

cve-2013-4501

quiz module

drupal

remote attackers

sensitive information disclosure

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

JSON

The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote attackers to obtain sensitive quiz results via unspecified vectors.

Affected configurations

NVD

Node

quiz_module_projectquizMatch6.x-4.0-drupal

quiz_module_projectquizMatch6.x-4.0alpha1drupal

quiz_module_projectquizMatch6.x-4.0alpha2drupal

quiz_module_projectquizMatch6.x-4.0alpha3drupal

quiz_module_projectquizMatch6.x-4.0alpha4drupal

quiz_module_projectquizMatch6.x-4.0alpha5drupal

quiz_module_projectquizMatch6.x-4.0beta1drupal

quiz_module_projectquizMatch6.x-4.0beta2drupal

quiz_module_projectquizMatch6.x-4.0beta3drupal

quiz_module_projectquizMatch6.x-4.0beta4drupal

quiz_module_projectquizMatch6.x-4.0beta5drupal

quiz_module_projectquizMatch6.x-4.0beta6drupal

quiz_module_projectquizMatch6.x-4.0beta7drupal

quiz_module_projectquizMatch6.x-4.0beta8drupal

quiz_module_projectquizMatch6.x-4.0devdrupal

quiz_module_projectquizMatch6.x-4.0rc1drupal

quiz_module_projectquizMatch6.x-4.0rc10drupal

quiz_module_projectquizMatch6.x-4.0rc2drupal

quiz_module_projectquizMatch6.x-4.0rc3drupal

quiz_module_projectquizMatch6.x-4.0rc4drupal

quiz_module_projectquizMatch6.x-4.0rc5drupal

quiz_module_projectquizMatch6.x-4.0rc6drupal

quiz_module_projectquizMatch6.x-4.0rc7drupal

quiz_module_projectquizMatch6.x-4.0rc8drupal

quiz_module_projectquizMatch6.x-4.0rc9drupal

quiz_module_projectquizMatch6.x-4.1drupal

quiz_module_projectquizMatch6.x-4.2drupal

quiz_module_projectquizMatch6.x-4.3drupal

quiz_module_projectquizMatch6.x-4.4drupal

CPENameOperatorVersion
quiz_module_project:quizquiz module project quizeq6.x-4.0
quiz_module_project:quizquiz module project quizeq6.x-4.1
quiz_module_project:quizquiz module project quizeq6.x-4.2
quiz_module_project:quizquiz module project quizeq6.x-4.3
quiz_module_project:quizquiz module project quizeq6.x-4.4

CPE	Name	Operator	Version
quiz_module_project:quiz	quiz module project quiz	eq	6.x-4.0
quiz_module_project:quiz	quiz module project quiz	eq	6.x-4.1
quiz_module_project:quiz	quiz module project quiz	eq	6.x-4.2
quiz_module_project:quiz	quiz module project quiz	eq	6.x-4.3
quiz_module_project:quiz	quiz module project quiz	eq	6.x-4.4

References

seclists.org/oss-sec/2013/q4/210

drupal.org/node/2123727

drupal.org/node/2123995

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

JSON

Related for CVE-2013-4501

cvelist1 nvd1 prion1 drupal1