Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2011-2687

Published: 27/07/2011 Updated: 03/09/2015
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Drupal

Vulnerability Summary

Drupal 7.x prior to 7.3 allows remote malicious users to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.

Vulnerable Product Search on Vulmon Subscribe to Product

drupal drupal 7.0

drupal drupal 7.1

drupal drupal 7.2

References

CWE-264http://secunia.com/advisories/45291https://bugzilla.redhat.com/show_bug.cgi?id=717874http://www.openwall.com/lists/oss-security/2011/07/11/2http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633385http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062714.htmlhttp://secunia.com/advisories/45081http://www.openwall.com/lists/oss-security/2011/07/12/16http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062722.htmlhttp://drupal.org/node/1204582http://www.securityfocus.com/bid/48505https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook