PT-2009-6141 · Drupal · Ngp Coo/Cwp Integration

Published

2009-11-09

Updated

2017-08-17

CVE-2009-3920

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions NGP COO/CWP Integration (crmngp) module versions prior to 6.x-1.12 for Drupal

Description The issue concerns an administration page that fails to enforce proper access control. This allows remote attackers to access log information through unspecified means.

Recommendations For versions prior to 6.x-1.12, update to version 6.x-1.12 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2009-3920

Affected Products

Ngp Coo/Cwp Integration

PT-2009-6141 · Drupal · Ngp Coo/Cwp Integration

CVE-2009-3920

Weakness Enumeration

Related Identifiers

Affected Products

References · 7