Drupal · Drupal · CVE-2017-6925
**Name of the Vulnerable Software and Affected Versions**
Drupal 8 core versions prior to 8.3.7
**Description**
There is an issue in the entity access system that could allow unwanted access to view, create, update, or delete entities. This issue affects entities that do not use or do not have UUIDs, and entities that have different access restrictions on different revisions of the same entity.
**Recommendations**
For versions prior to 8.3.7, update to version 8.3.7 or later to resolve the issue.