CVE-2008-0568 : Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.

Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.

Published 2008-02-05 02:00:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2008-0568

Drupal » Secure Site Module » Version: 5.0
cpe:2.3:a:drupal:secure_site_module:5.0:*:*:*:*:*:*:*
Matching versions
Drupal » Secure Site Module » Version: 4.7
cpe:2.3:a:drupal:secure_site_module:4.7:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2008-0568

EPSS FAQ

0.85%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-0568

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2008-0568

http://www.securityfocus.com/bid/27543
http://drupal.org/node/216019

Patch
http://www.vupen.com/english/advisories/2008/0377/references
http://secunia.com/advisories/28732

Vendor Advisory

Jump to

Vulnerability Details : CVE-2008-0568

Products affected by CVE-2008-0568

Exploit prediction scoring system (EPSS) score for CVE-2008-0568

CVSS scores for CVE-2008-0568

References for CVE-2008-0568