PT-2014-8698 · Drupal · Drupal Open Atrium Core
Publicado
2014-11-12
·
Atualizado
2014-11-13
·
CVE-2014-8736
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Drupal Open Atrium Core module versions prior to 7.x-2.22
Description
The issue allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node.
Recommendations
For versions prior to 7.x-2.22, update to version 7.x-2.22 or later to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Drupal Open Atrium Core