CVE-2009-2237

Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify "nodes or classes of nodes" via unknown vectors, probably related to registered procedures (aka actions).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
karim_ratibviews_bulk_operations
5.x-1.0:x
karim_ratibviews_bulk_operations
5.x-1.1:x
karim_ratibviews_bulk_operations
5.x-1.2:x
karim_ratibviews_bulk_operations
5.x-1.3:x
karim_ratibviews_bulk_operations
6.x-1.0:x
karim_ratibviews_bulk_operations
6.x-1.1:x
karim_ratibviews_bulk_operations
6.x-1.2:x
karim_ratibviews_bulk_operations
6.x-1.3:x
karim_ratibviews_bulk_operations
6.x-1.4:x
𝑥
= Vulnerable software versions
References
http://drupal.org/node/468450
http://secunia.com/advisories/35117
http://www.securityfocus.com/bid/35051
https://exchange.xforce.ibmcloud.com/vulnerabilities/50659
http://drupal.org/node/468450
http://secunia.com/advisories/35117
http://www.securityfocus.com/bid/35051
https://exchange.xforce.ibmcloud.com/vulnerabilities/50659