MEDIUM🇬🇧 English

CVE-2015-4345

CVSS 5.0v2.0pub. 2015-06-15upd. 2026-05-06

The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers to obtain sensitive information via unspecified vectors.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Restful Web Services Project Restful Web Services

    APP
    Restful Web Services Project
    7.x-1.07.x-1.17.x-1.27.x-1.37.x-1.47.x-2.07.x-2.17.x-2.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-13255HIGH7.5ten sam produkt

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows For...

CVE-2013-4225HIGH8.8ten sam produkt

The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not...

CVE-2013-1946MEDIUM4.3ten sam produkt

The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, ...

CVE-2013-0205MEDIUM6.8ten sam produkt

Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x...

CVE-2012-5556MEDIUM6.8ten sam produkt

Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x...

CVE-2015-4345 — MEDIUM 5.0 | CVEbaza.pl