← Retour aux CVEs
CVE-2015-5502
N/ADescription
The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not properly restrict access to Storage API fields attached to entities that are not nodes, which allows remote attackers to have unspecified impact via unknown vectors.
Details CVE
Score CVSS v3.1N/A
Publie8/18/2015
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0
Produits affectes
storage_api_project:storage_api
Faiblesses (CWE)
CWE-284
References
http://www.openwall.com/lists/oss-security/2015/07/04/4(cve@mitre.org)
http://www.securityfocus.com/bid/74867(cve@mitre.org)
https://www.drupal.org/node/2495895(cve@mitre.org)
https://www.drupal.org/node/2495903(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2015/07/04/4(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/74867(af854a3a-2127-422b-91ae-364da2661108)
https://www.drupal.org/node/2495895(af854a3a-2127-422b-91ae-364da2661108)
https://www.drupal.org/node/2495903(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.