Drupal · Drupal Smart Ip Ban · CVE-2024-13277
**Name of the Vulnerable Software and Affected Versions**
Drupal Smart IP Ban versions 7.X-1.0 through 7.X-1.0
**Description**
The issue is related to insufficient authorization mechanisms in the Smart IP Ban module for the Drupal CMS, allowing a remote attacker to view and modify settings. This can lead to forceful browsing, where an attacker can access and alter configurations without proper authorization.
**Recommendations**
For versions 7.X-1.0, update to version 7.X-1.1 or later to resolve the issue.
As a temporary workaround, consider restricting access to the Smart IP Ban module until a patch is available.