admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2010/CVE-2010-15xx/CVE-2010-1548.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

204 lines
6.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2010-1548",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-05-21T20:30:01.660",
"lastModified": "2024-11-21T01:14:40.593",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal does not follow access restrictions, which allows remote authenticated users, with \"access content\" privileges, to read the title of an unpublished node via a q=ctools/autocomplete/node/ value accompanied by the first character of the node's title."
},
{
"lang": "es",
"value": "La funcionalidad de autocompletar del m\u00f3dulo Chaos Tool Suite (CTools) v6.x en versiones anteriores a la v6.x-1.4 de Drupal no cumple las restricciones de acceso, lo que permite a usuarios remotos autenticados, con los privilegios de \"acceso a contenidos\", leer el t\u00edtulo de un nodo no publicado a trav\u00e9s de un valor q=ctools/autocomplete/node/ acompa\u00f1ado del primer caracter del nodo del t\u00edtulo."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"baseScore": 3.5,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:*:*:*:*:drupal:*:*",
"matchCriteriaId": "707AD226-1D2E-46B5-9626-FDD99A5F7EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha1:*:*:*:drupal:*:*",
"matchCriteriaId": "C5B9EF92-78B1-44DE-83C5-068199E0EE44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha2:*:*:*:drupal:*:*",
"matchCriteriaId": "2C05A815-09CB-4201-8345-89AE530D9925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha3:*:*:*:drupal:*:*",
"matchCriteriaId": "492C9CF3-A6D8-4BC2-B9CE-6575BEF6C490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta1:*:*:*:drupal:*:*",
"matchCriteriaId": "3C89BFC4-CBFE-40D0-AF4B-D18750F8F83E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta2:*:*:*:drupal:*:*",
"matchCriteriaId": "7158E609-D504-4938-9651-2A782D319838"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta3:*:*:*:drupal:*:*",
"matchCriteriaId": "6CF31BF7-3BD2-4EA1-BEA1-C73E5AAD6779"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta4:*:*:*:drupal:*:*",
"matchCriteriaId": "C9EFC7E5-F1D7-4EB3-B185-A7CFDA961261"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:rc1:*:*:*:drupal:*:*",
"matchCriteriaId": "CA34F407-47D1-4F39-B26A-84FCD05EE6ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.1:*:*:*:*:drupal:*:*",
"matchCriteriaId": "0B3D4721-7320-423F-8E76-07E4D2E7F6DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.2:*:*:*:*:drupal:*:*",
"matchCriteriaId": "58C0D287-58A4-4C8D-9042-29042FA412F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.3:*:*:*:*:drupal:*:*",
"matchCriteriaId": "DE51E707-6ABD-431C-B3B7-89D514BFFC84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.x:dev:*:*:*:drupal:*:*",
"matchCriteriaId": "4437675C-D86D-4903-9641-3AA3D28BD9F2"
}
]
}
]
}
],
"references": [
{
"url": "http://drupal.org/node/803944",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2010/May/272",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/39884",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.madirish.net/?article=458",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/40285",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58724",
"source": "cve@mitre.org"
},
{
"url": "http://drupal.org/node/803944",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2010/May/272",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/39884",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.madirish.net/?article=458",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/40285",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58724",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink