CVE-2014-1475

The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.0
drupaldrupal
7.1
drupaldrupal
7.2
drupaldrupal
7.10
drupaldrupal
7.11
drupaldrupal
7.12
drupaldrupal
7.13
drupaldrupal
7.14
drupaldrupal
7.15
drupaldrupal
7.16
drupaldrupal
7.17
drupaldrupal
7.18
drupaldrupal
7.19
drupaldrupal
7.20
drupaldrupal
7.21
drupaldrupal
7.22
drupaldrupal
7.23
drupaldrupal
7.24
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.0
drupaldrupal
6.1
drupaldrupal
6.2
drupaldrupal
6.10
drupaldrupal
6.11
drupaldrupal
6.12
drupaldrupal
6.13
drupaldrupal
6.14
drupaldrupal
6.15
drupaldrupal
6.16
drupaldrupal
6.17
drupaldrupal
6.18
drupaldrupal
6.19
drupaldrupal
6.20
drupaldrupal
6.21
drupaldrupal
6.22
drupaldrupal
6.23
drupaldrupal
6.24
drupaldrupal
6.25
drupaldrupal
6.26
drupaldrupal
6.27
drupaldrupal
6.28
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
drupal6
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
ignored
quantal
ignored
precise
ignored
lucid
ignored
drupal7
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
not-affected
vivid
not-affected
utopic
not-affected
trusty
not-affected
saucy
ignored
raring
ignored
quantal
ignored
precise
ignored
lucid
dne
References
http://secunia.com/advisories/56260
http://secunia.com/advisories/56601
http://www.debian.org/security/2014/dsa-2847
http://www.debian.org/security/2014/dsa-2851
http://www.mandriva.com/security/advisories?name=MDVSA-2014:031
http://www.securityfocus.com/bid/64973
https://drupal.org/SA-CORE-2014-001
http://secunia.com/advisories/56260
http://secunia.com/advisories/56601
http://www.debian.org/security/2014/dsa-2847
http://www.debian.org/security/2014/dsa-2851
http://www.mandriva.com/security/advisories?name=MDVSA-2014:031
http://www.securityfocus.com/bid/64973
https://drupal.org/SA-CORE-2014-001