Vulnerability Details : CVE-2015-5509
The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors.
Products affected by CVE-2015-5509
- cpe:2.3:a:administration_views_project:administration_views:7.x-1.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:administration_views_project:administration_views:7.x-1.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:administration_views_project:administration_views:7.x-1.0:rc1:*:*:*:drupal:*:*
- cpe:2.3:a:administration_views_project:administration_views:7.x-1.x:dev:*:*:*:drupal:*:*
- cpe:2.3:a:administration_views_project:administration_views:7.x-1.0:*:*:*:*:drupal:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-5509
0.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 49 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5509
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST |
CWE ids for CVE-2015-5509
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5509
-
http://www.openwall.com/lists/oss-security/2015/07/04/4
oss-security - CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)
-
http://www.securityfocus.com/bid/75278
Drupal Administration Views Module Access Bypass Vulnerability
-
https://www.drupal.org/node/2507645
Access to this page has been denied.Patch;Vendor Advisory
-
https://www.drupal.org/node/2430043
Access to this page has been denied.Patch
Jump to