Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-5019
HistoryJul 22, 2014 - 2:55 p.m.

CVE-2014-5019

2014-07-2214:55:10
CWE-20
[email protected]
web.nvd.nist.gov
4

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

43.0%

JSON

The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use.

Affected configurations

Nvd
Node
drupaldrupalMatch7.0
OR
drupaldrupalMatch7.0alpha1
OR
drupaldrupalMatch7.0alpha2
OR
drupaldrupalMatch7.0alpha3
OR
drupaldrupalMatch7.0alpha4
OR
drupaldrupalMatch7.0alpha5
OR
drupaldrupalMatch7.0alpha6
OR
drupaldrupalMatch7.0alpha7
OR
drupaldrupalMatch7.0beta1
OR
drupaldrupalMatch7.0beta2
OR
drupaldrupalMatch7.0beta3
OR
drupaldrupalMatch7.0dev
OR
drupaldrupalMatch7.0rc1
OR
drupaldrupalMatch7.0rc2
OR
drupaldrupalMatch7.0rc3
OR
drupaldrupalMatch7.0rc4
OR
drupaldrupalMatch7.1
OR
drupaldrupalMatch7.2
OR
drupaldrupalMatch7.3
OR
drupaldrupalMatch7.4
OR
drupaldrupalMatch7.5
OR
drupaldrupalMatch7.6
OR
drupaldrupalMatch7.7
OR
drupaldrupalMatch7.8
OR
drupaldrupalMatch7.9
OR
drupaldrupalMatch7.10
OR
drupaldrupalMatch7.11
OR
drupaldrupalMatch7.12
OR
drupaldrupalMatch7.13
OR
drupaldrupalMatch7.14
OR
drupaldrupalMatch7.15
OR
drupaldrupalMatch7.16
OR
drupaldrupalMatch7.17
OR
drupaldrupalMatch7.18
OR
drupaldrupalMatch7.19
OR
drupaldrupalMatch7.20
OR
drupaldrupalMatch7.21
OR
drupaldrupalMatch7.22
OR
drupaldrupalMatch7.23
OR
drupaldrupalMatch7.24
OR
drupaldrupalMatch7.25
OR
drupaldrupalMatch7.26
OR
drupaldrupalMatch7.27
OR
drupaldrupalMatch7.28
OR
drupaldrupalMatch7.x-dev
Node
drupaldrupalMatch6.0
OR
drupaldrupalMatch6.0beta1
OR
drupaldrupalMatch6.0beta2
OR
drupaldrupalMatch6.0beta3
OR
drupaldrupalMatch6.0beta4
OR
drupaldrupalMatch6.0dev
OR
drupaldrupalMatch6.0rc1
OR
drupaldrupalMatch6.0rc2
OR
drupaldrupalMatch6.0rc3
OR
drupaldrupalMatch6.0rc4
OR
drupaldrupalMatch6.1
OR
drupaldrupalMatch6.2
OR
drupaldrupalMatch6.3
OR
drupaldrupalMatch6.4
OR
drupaldrupalMatch6.5
OR
drupaldrupalMatch6.6
OR
drupaldrupalMatch6.7
OR
drupaldrupalMatch6.8
OR
drupaldrupalMatch6.9
OR
drupaldrupalMatch6.10
OR
drupaldrupalMatch6.11
OR
drupaldrupalMatch6.12
OR
drupaldrupalMatch6.13
OR
drupaldrupalMatch6.14
OR
drupaldrupalMatch6.15
OR
drupaldrupalMatch6.16
OR
drupaldrupalMatch6.17
OR
drupaldrupalMatch6.18
OR
drupaldrupalMatch6.19
OR
drupaldrupalMatch6.20
OR
drupaldrupalMatch6.21
OR
drupaldrupalMatch6.22
OR
drupaldrupalMatch6.23
OR
drupaldrupalMatch6.24
OR
drupaldrupalMatch6.25
OR
drupaldrupalMatch6.26
OR
drupaldrupalMatch6.27
OR
drupaldrupalMatch6.28
OR
drupaldrupalMatch6.29
OR
drupaldrupalMatch6.30
OR
drupaldrupalMatch6.31

Related

prion 1
cvelist 1
debiancve 1
cve 1
ubuntucve 1
fedora 2
openvas 5
nessus 5
drupal 1
mageia 1
securityvulns 2
prion
prion
Design/Logic Flaw
2014-07-22 14:55:00
cvelist
cvelist
CVE-2014-5019
2022-10-03 16:20:43
debiancve
debiancve
CVE-2014-5019
2014-07-22 14:55:00
cve
cve
CVE-2014-5019
2022-10-03 16:20:43
ubuntucve
ubuntucve
CVE-2014-5019
2014-07-22 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: drupal7-7.29-1.fc20
2014-07-29 02:07:00
[SECURITY] Fedora 19 Update: drupal7-7.29-1.fc19
2014-07-29 02:09:51
openvas
openvas
Debian Security Advisory DSA 2983-1 (drupal7 - security update)
2014-07-20 00:00:00
Debian: Security Advisory (DSA-2983-1)
2014-07-19 00:00:00
Fedora Update for drupal7 FEDORA-2014-8485
2014-08-05 00:00:00
nessus
nessus
Drupal 6.x < 6.32 / 7.x < 7.29 Multiple Vulnerabilities
2014-07-21 00:00:00
Fedora 19 : drupal7-7.29-1.fc19 (2014-8515)
2014-07-29 00:00:00
Debian DSA-2983-1 : drupal7 - security update
2014-07-21 00:00:00
drupal
drupal
SA-CORE-2014-003 - Drupal core - Multiple vulnerabilities
2014-07-16 00:00:00
mageia
mageia
Updated drupal packages fix security vulnerabilities
2014-08-07 21:01:33
securityvulns
securityvulns
[ MDVSA-2015:181 ] drupal
2015-05-12 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2015-05-12 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

43.0%

JSON
Related for NVD:CVE-2014-5019
prion1cvelist1debiancve1cve1ubuntucve1fedora2openvas5nessus5drupal1mageia1securityvulns2