PT-2020-8021 · Drupal · Rest/Json

Published

2020-12-31

Updated

2021-01-07

CVE-2016-20002

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: REST/JSON project for Drupal version 7.x-1.x

Description: The issue allows comment access bypass. This project is not covered by Drupal's security advisory policy.

Recommendations: For version 7.x-1.x, update to a version that includes the fix for this issue, as the project is not covered by Drupal's security advisory policy, and specific guidance may vary. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2016-20002

Affected Products

Rest/Json

PT-2020-8021 · Drupal · Rest/Json

CVE-2016-20002

Weakness Enumeration

Related Identifiers

Affected Products

References · 5