CVE-2024-13277

Name of the Vulnerable Software and Affected Versions Drupal Smart IP Ban versions 7.X-1.0 through 7.X-1.0

Description The issue is related to insufficient authorization mechanisms in the Smart IP Ban module for the Drupal CMS, allowing a remote attacker to view and modify settings. This can lead to forceful browsing, where an attacker can access and alter configurations without proper authorization.

Recommendations For versions 7.X-1.0, update to version 7.X-1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Smart IP Ban module until a patch is available.