CVE-2010-3091 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:P/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 69%

Affected Products (NVD)

Vendor	Product	Version
drupal	drupal	6.0
drupal	drupal	6.0:beta1
drupal	drupal	6.0:beta2
drupal	drupal	6.0:beta3
drupal	drupal	6.0:beta4
drupal	drupal	6.0:dev
drupal	drupal	6.0:rc1
drupal	drupal	6.0:rc2
drupal	drupal	6.0:rc3
drupal	drupal	6.0:rc4
drupal	drupal	6.1
drupal	drupal	6.2
drupal	drupal	6.3
drupal	drupal	6.4
drupal	drupal	6.5
drupal	drupal	6.6
drupal	drupal	6.7
drupal	drupal	6.8
drupal	drupal	6.9
drupal	drupal	6.10
drupal	drupal	6.11
drupal	drupal	6.12
drupal	drupal	6.13
drupal	drupal	6.14
drupal	drupal	6.15
drupal	drupal	6.16
drupal	drupal	6.17
peter_wolanin	openid	5.x-1.0:x
peter_wolanin	openid	5.x-1.1:x
peter_wolanin	openid	5.x-1.2:x
peter_wolanin	openid	5.x-1.3:x
peter_wolanin	openid	5.x-1.x:x

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

drupal6

dapper	dne
hardy	dne
jaunty	ignored
karmic	ignored
lucid	not-affected
maverick	not-affected
natty	not-affected

Common Weakness Enumeration

CWE-287 - Improper Authentication
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

References

http://drupal.org/node/880476

http://drupal.org/node/880480

http://marc.info/?l=oss-security&m=128418560705305&w=2

http://marc.info/?l=oss-security&m=128440896914512&w=2

http://www.debian.org/security/2010/dsa-2113

http://www.securityfocus.com/bid/42388

http://drupal.org/node/880476

http://drupal.org/node/880480

http://marc.info/?l=oss-security&m=128418560705305&w=2

http://marc.info/?l=oss-security&m=128440896914512&w=2

http://www.debian.org/security/2010/dsa-2113

http://www.securityfocus.com/bid/42388