CVE-2012-2730

EUVD-2012-2710
The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
alexis_wilkeprotected_node
6.x-1.0:x
alexis_wilkeprotected_node
6.x-1.2:x
alexis_wilkeprotected_node
6.x-1.3:x
alexis_wilkeprotected_node
6.x-1.4:x
alexis_wilkeprotected_node
6.x-1.5:x
alexis_wilkeprotected_node
6.x-1.x:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1258034
http://drupal.org/node/1632918
http://secunia.com/advisories/49509
http://www.openwall.com/lists/oss-security/2012/06/14/3
http://www.osvdb.org/82984
http://www.securityfocus.com/bid/54001
https://exchange.xforce.ibmcloud.com/vulnerabilities/76291
http://drupal.org/node/1258034
http://drupal.org/node/1632918
http://secunia.com/advisories/49509
http://www.openwall.com/lists/oss-security/2012/06/14/3
http://www.osvdb.org/82984
http://www.securityfocus.com/bid/54001
https://exchange.xforce.ibmcloud.com/vulnerabilities/76291