CVE-2008-2771

EUVD-2008-2764
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
drupaldrupal
5.0
drupaldrupal
6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/269473
http://secunia.com/advisories/30622
http://www.securityfocus.com/bid/29675
https://exchange.xforce.ibmcloud.com/vulnerabilities/43006
http://drupal.org/node/269473
http://secunia.com/advisories/30622
http://www.securityfocus.com/bid/29675
https://exchange.xforce.ibmcloud.com/vulnerabilities/43006