CVE-2009-4044

EUVD-2009-4015
The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
bruno_massaweb_services
6.x-1.0:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/630244
http://www.securityfocus.com/bid/37000
http://www.vupen.com/english/advisories/2009/3218
https://exchange.xforce.ibmcloud.com/vulnerabilities/54249
http://drupal.org/node/630244
http://www.securityfocus.com/bid/37000
http://www.vupen.com/english/advisories/2009/3218
https://exchange.xforce.ibmcloud.com/vulnerabilities/54249