CVE-2008-2771

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
drupaldrupal
5.0
drupaldrupal
6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/269473
http://secunia.com/advisories/30622
http://www.securityfocus.com/bid/29675
https://exchange.xforce.ibmcloud.com/vulnerabilities/43006
http://drupal.org/node/269473
http://secunia.com/advisories/30622
http://www.securityfocus.com/bid/29675
https://exchange.xforce.ibmcloud.com/vulnerabilities/43006