PT-2020-8020 · Drupal · Rest/Json

Published

2020-12-31

Updated

2021-01-07

CVE-2016-20001

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: REST/JSON project for Drupal versions 7.x-1.x

Description: The issue allows node access bypass. This project is not covered by Drupal's security advisory policy.

Recommendations: For versions 7.x-1.x, update to a version that includes the fix for this issue, as the project is not covered by Drupal's security advisory policy, and specific guidance may vary.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2016-20001

Affected Products

Rest/Json

PT-2020-8020 · Drupal · Rest/Json

CVE-2016-20001

Weakness Enumeration

Related Identifiers

Affected Products

References · 5