Drupal · Drupal · CVE-2017-6928
**Name of the Vulnerable Software and Affected Versions**
Drupal core versions prior to 7.57
**Description**
The issue arises when using Drupal's private file system. Under certain conditions, where one module grants access to a file and another denies it, the access check fails. This leads to an access bypass issue, although it is mitigated by the fact that it only occurs in unusual site configurations.
**Recommendations**
For versions prior to 7.57, update to version 7.57 or later to resolve the issue.