Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2015-3378
HistoryApr 21, 2015 - 6:59 p.m.

CVE-2015-3378

2015-04-2118:59:00
mitre
web.nvd.nist.gov
29
cve-2015-3378
views module
drupal
open redirect vulnerability
views ui submodule

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

50.9%

JSON

Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to the break lock page for edited views.

Affected configurations

Nvd
Node
views_projectviewsRange6.x-2.16drupal
OR
views_projectviewsMatch6.x-3.0drupal
OR
views_projectviewsMatch6.x-3.0alpha1drupal
OR
views_projectviewsMatch6.x-3.0alpha2drupal
OR
views_projectviewsMatch6.x-3.0alpha3drupal
OR
views_projectviewsMatch6.x-3.0alpha4drupal
OR
views_projectviewsMatch6.x-3.0rc2drupal
OR
views_projectviewsMatch6.x-3.0rc3drupal
OR
views_projectviewsMatch7.x-3.0drupal
OR
views_projectviewsMatch7.x-3.0alpha1drupal
OR
views_projectviewsMatch7.x-3.0beta1drupal
OR
views_projectviewsMatch7.x-3.0beta2drupal
OR
views_projectviewsMatch7.x-3.0beta3drupal
OR
views_projectviewsMatch7.x-3.0rc1drupal
OR
views_projectviewsMatch7.x-3.0rc3drupal
OR
views_projectviewsMatch7.x-3.1drupal
OR
views_projectviewsMatch7.x-3.2drupal
OR
views_projectviewsMatch7.x-3.3drupal
OR
views_projectviewsMatch7.x-3.4drupal
OR
views_projectviewsMatch7.x-3.5drupal
OR
views_projectviewsMatch7.x-3.6drupal
OR
views_projectviewsMatch7.x-3.7drupal
OR
views_projectviewsMatch7.x-3.8drupal
OR
views_projectviewsMatch7.x-3.xdevdrupal
VendorProductVersionCPE
views_projectviews*cpe:2.3:a:views_project:views:*:*:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:*:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:alpha1:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:alpha2:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:alpha3:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:alpha4:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:rc2:*:*:*:drupal:*:*
views_projectviews6.x-3.0cpe:2.3:a:views_project:views:6.x-3.0:rc3:*:*:*:drupal:*:*
views_projectviews7.x-3.0cpe:2.3:a:views_project:views:7.x-3.0:*:*:*:*:drupal:*:*
views_projectviews7.x-3.0cpe:2.3:a:views_project:views:7.x-3.0:alpha1:*:*:*:drupal:*:*
Rows per page:
1-10 of 241

Related

prion 1
cvelist 1
nvd 1
drupal 1
kaspersky 1
prion
prion
Open redirect
2015-04-21 18:59:00
cvelist
cvelist
CVE-2015-3378
2015-04-21 18:00:00
nvd
nvd
CVE-2015-3378
2015-04-21 18:59:00
drupal
drupal
SA-CONTRIB-2015-039 - Views - Multiple vulnerabilities
2015-02-11 00:00:00
kaspersky
kaspersky
KLA10563 Multiple vulnerabilities in Drupal modules
2015-04-21 00:00:00

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

50.9%

JSON
Related for CVE-2015-3378
prion1cvelist1nvd1drupal1kaspersky1