| Vulnerability Name: | CVE-2007-3689 (CCN-35314) | ||||||||
| Assigned: | 2007-07-09 | ||||||||
| Published: | 2007-07-09 | ||||||||
| Updated: | 2017-07-29 | ||||||||
| Summary: | The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N/E:U/RL:OF/RC:C)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2007-3689 Source: CCN Type: DRUPAL-SA-2007-014 Print - Access bypass Source: CONFIRM Type: Patch http://drupal.org/node/152804 Source: CONFIRM Type: Patch http://drupal.org/node/158029 Source: CONFIRM Type: Patch http://drupal.org/node/158032 Source: CCN Type: Print Friendly Pages module for Drupal Web site Print Friendly Pages | drupal.org Source: OSVDB Type: UNKNOWN 37897 Source: CCN Type: SA25978 Drupal Print Module Access Restriction Bypass Source: SECUNIA Type: UNKNOWN 25978 Source: CCN Type: OSVDB ID: 37897 Drupal Print Module Crafted URL Access Restriction Bypass Source: BID Type: UNKNOWN 24862 Source: CCN Type: BID-24862 Drupal Multiple Security Bypass Vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2007-2470 Source: XF Type: UNKNOWN printfriendlypages-url-security-bypass(35314) Source: XF Type: UNKNOWN printfriendlypages-url-security-bypass(35314) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||