CVE-2008-1731

EUVD-2008-1731
The Simple Access module for Drupal 5.x through 5.x-1.2-2 does not properly handle the privacy information for nodes, which might allow remote attackers to bypass intended access restrictions, and read or modify nodes, in opportunistic circumstances related to interaction between Simple Access and (1) Node clone or (2) Project issue tracking.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
Affected Products (NVD)
VendorProductVersion
3281dsimple_access
5.x-1.0:x
3281dsimple_access
5.x-1.0-beta1:x
3281dsimple_access
5.x-1.1:x
3281dsimple_access
5.x-1.2:x
3281dsimple_access
5.x-1.2-1:x
3281dsimple_access
5.x-1.x-dev:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/244560
http://secunia.com/advisories/29772
http://www.osvdb.org/44271
http://www.securityfocus.com/bid/28720
http://www.vupen.com/english/advisories/2008/1184
https://exchange.xforce.ibmcloud.com/vulnerabilities/41756
http://drupal.org/node/244560
http://secunia.com/advisories/29772
http://www.osvdb.org/44271
http://www.securityfocus.com/bid/28720
http://www.vupen.com/english/advisories/2008/1184
https://exchange.xforce.ibmcloud.com/vulnerabilities/41756