CVE-2014-8735

The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
bad_behavior_projectbad_behavior
6.x-1.0:x
bad_behavior_projectbad_behavior
6.x-1.0:x
bad_behavior_projectbad_behavior
6.x-1.x:x
bad_behavior_projectbad_behavior
6.x-2.1:x
bad_behavior_projectbad_behavior
6.x-2.2:x
bad_behavior_projectbad_behavior
6.x-2.13:x
bad_behavior_projectbad_behavior
6.x-2.14:x
bad_behavior_projectbad_behavior
6.x-2.113:x
bad_behavior_projectbad_behavior
6.x-2.114:x
bad_behavior_projectbad_behavior
6.x-2.115:x
bad_behavior_projectbad_behavior
6.x-2.116:x
bad_behavior_projectbad_behavior
6.x-2.200:x
bad_behavior_projectbad_behavior
6.x-2.214:x
bad_behavior_projectbad_behavior
6.x-2.215:x
bad_behavior_projectbad_behavior
6.x-2.216:x
bad_behavior_projectbad_behavior
6.x-2.217:x
bad_behavior_projectbad_behavior
6.x-2.220:x
bad_behavior_projectbad_behavior
6.x-2.221:x
bad_behavior_projectbad_behavior
6.x-2.222:x
bad_behavior_projectbad_behavior
6.x-2.223:x
bad_behavior_projectbad_behavior
6.x-2.225:x
bad_behavior_projectbad_behavior
6.x-2.226:x
bad_behavior_projectbad_behavior
6.x-2.227:x
bad_behavior_projectbad_behavior
6.x-2.228:x
bad_behavior_projectbad_behavior
6.x-2.2210:x
bad_behavior_projectbad_behavior
6.x-2.2211:x
bad_behavior_projectbad_behavior
6.x-2.2212:x
bad_behavior_projectbad_behavior
6.x-2.2213:x
bad_behavior_projectbad_behavior
6.x-2.2214:x
bad_behavior_projectbad_behavior
6.x-2.2215:x
bad_behavior_projectbad_behavior
7.x-2.220:x
bad_behavior_projectbad_behavior
7.x-2.221:x
bad_behavior_projectbad_behavior
7.x-2.222:x
bad_behavior_projectbad_behavior
7.x-2.223:x
bad_behavior_projectbad_behavior
7.x-2.225:x
bad_behavior_projectbad_behavior
7.x-2.226:x
bad_behavior_projectbad_behavior
7.x-2.227:x
bad_behavior_projectbad_behavior
7.x-2.228:x
bad_behavior_projectbad_behavior
7.x-2.2210:x
bad_behavior_projectbad_behavior
7.x-2.2211:x
bad_behavior_projectbad_behavior
7.x-2.2212:x
bad_behavior_projectbad_behavior
7.x-2.2213:x
bad_behavior_projectbad_behavior
7.x-2.2214:x
bad_behavior_projectbad_behavior
7.x-2.2215:x
bad_behavior_projectbad_behavior
7.x-2.2216:x
bad_behavior_projectbad_behavior
7.x-2.x:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.drupal.org/node/2360953
https://www.drupal.org/node/2360955
https://www.drupal.org/node/2361611
https://www.drupal.org/node/2360953
https://www.drupal.org/node/2360955
https://www.drupal.org/node/2361611