Search criteria
3 vulnerabilities found for freelinking_for_case_tracker by freelinking_for_case_tracker_project
FKIE_CVE-2014-5179
Vulnerability from fkie_nvd - Published: 2014-08-06 18:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freelinking_for_case_tracker_project | freelinking_for_case_tracker | - | |
| freelinking_project | freelinking | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freelinking_for_case_tracker_project:freelinking_for_case_tracker:-:*:*:*:*:drupal:*:*",
"matchCriteriaId": "FCFD8DE1-DEC4-46E8-A871-012C671F1437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freelinking_project:freelinking:-:*:*:*:*:drupal:*:*",
"matchCriteriaId": "D9ED63C1-EB8D-4F6C-855F-05B8D2ADC3BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link."
},
{
"lang": "es",
"value": "El m\u00f3dulo freelinking para Drupal, utilizado en el m\u00f3dulo Freelinking for Case Tracker, no comprueba debidamente los permisos de acceso para (1) nodos o (2) usuarios, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de un enlace manipulado."
}
],
"id": "CVE-2014-5179",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-06T18:55:06.277",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/68861"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.drupal.org/node/2308503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.drupal.org/node/2308503"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-5179 (GCVE-0-2014-5179)
Vulnerability from cvelistv5 – Published: 2014-08-06 18:00 – Updated: 2024-08-06 11:34
VLAI?
Summary
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "freelinking-drupal-casetracker-sec-bypass(94870)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.drupal.org/node/2308503"
},
{
"name": "68861",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "freelinking-drupal-casetracker-sec-bypass(94870)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.drupal.org/node/2308503"
},
{
"name": "68861",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freelinking-drupal-casetracker-sec-bypass(94870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"name": "https://www.drupal.org/node/2308503",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2308503"
},
{
"name": "68861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5179",
"datePublished": "2014-08-06T18:00:00",
"dateReserved": "2014-08-06T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5179 (GCVE-0-2014-5179)
Vulnerability from nvd – Published: 2014-08-06 18:00 – Updated: 2024-08-06 11:34
VLAI?
Summary
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "freelinking-drupal-casetracker-sec-bypass(94870)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.drupal.org/node/2308503"
},
{
"name": "68861",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "freelinking-drupal-casetracker-sec-bypass(94870)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.drupal.org/node/2308503"
},
{
"name": "68861",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freelinking-drupal-casetracker-sec-bypass(94870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94870"
},
{
"name": "https://www.drupal.org/node/2308503",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2308503"
},
{
"name": "68861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5179",
"datePublished": "2014-08-06T18:00:00",
"dateReserved": "2014-08-06T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}