CVE-2008-3000

EUVD-2008-2990
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
drupalaggregation_module
3.0
drupalaggregation_module
3.1
drupalaggregation_module
3.2
drupalaggregation_module
4.0
drupalaggregation_module
4.1
drupalaggregation_module
4.2
drupalaggregation_module
4.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/269479
http://secunia.com/advisories/30618
http://www.securityfocus.com/bid/29677
https://exchange.xforce.ibmcloud.com/vulnerabilities/43017
http://drupal.org/node/269479
http://secunia.com/advisories/30618
http://www.securityfocus.com/bid/29677
https://exchange.xforce.ibmcloud.com/vulnerabilities/43017