PT-2015-7476 · Drupal · Administration Views
Maxim Baev
·
Publicado
2015-09-17
·
Atualizado
2016-11-28
·
CVE-2015-7226
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Administration Views module versions 7.x-1.x through 7.x-1.4
Description
The issue allows remote attackers to obtain sensitive information via vectors related to the access handler, due to the module checking access permissions based on the router path from the view instead of the display property.
Recommendations
For Administration Views module versions 7.x-1.x through 7.x-1.4, update to version 7.x-1.5 or later to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Administration Views