Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2013-4273

Published: 19/07/2014 Updated: 27/02/2015
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

The Entity API module 7.x-1.x prior to 7.x-1.2 for Drupal does not properly restrict access to node comments, which allows remote authenticated users to read the comments via unspecified vectors. NOTE: this identifier was SPLIT per ADT5 due to different researcher organizations. CVE-2013-7391 was assigned for the View vector.

Vulnerable Product Search on Vulmon Subscribe to Product

entity api project entity api 7.x-1.0

entity api project entity api 7.x-1.1

References

CWE-264https://drupal.org/node/2065197http://www.openwall.com/lists/oss-security/2013/08/22/2https://drupal.org/node/2065207https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710arbitrary CVE-2024-5272CVE-2024-2961brute forceremoteCVE-2024-32944CVE-2024-36241CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook