gsd-2007-6752
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the "security benefit against platform complexity and performance impact" and concluding that a change to the logout behavior is not planned because "for most sites it is not worth the trade-off."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2007-6752",
"description": "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the \"security benefit against platform complexity and performance impact\" and concluding that a change to the logout behavior is not planned because \"for most sites it is not worth the trade-off.\"",
"id": "GSD-2007-6752"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2007-6752"
],
"details": "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the \"security benefit against platform complexity and performance impact\" and concluding that a change to the logout behavior is not planned because \"for most sites it is not worth the trade-off.\"",
"id": "GSD-2007-6752",
"modified": "2023-12-13T01:21:38.585692Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the \"security benefit against platform complexity and performance impact\" and concluding that a change to the logout behavior is not planned because \"for most sites it is not worth the trade-off.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html",
"refsource": "MISC",
"url": "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html"
},
{
"name": "http://groups.drupal.org/node/216314",
"refsource": "MISC",
"url": "http://groups.drupal.org/node/216314"
},
{
"name": "http://drupal.org/node/144538",
"refsource": "MISC",
"url": "http://drupal.org/node/144538"
},
{
"name": "18564",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18564/"
},
{
"name": "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A518216-EFBB-42BF-93BD-21F350DC82C1",
"versionEndIncluding": "7.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09A73149-677F-4112-95DF-04CFC94E46FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA1165-C304-48FA-9676-08EC5284C847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C008BB7D-05AB-47B3-B020-C5C39B0FD03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.2.0_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "94444F9F-858A-4040-BE97-8A92B84DA7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E51CCF47-FC19-44A1-A843-034227AC0ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFF99BC-5E1D-4ADA-8BE7-07F7761C972C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA805CAF-A678-43A9-932D-EE35DBCCA793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18331C39-0ACE-4651-9D9F-1533AAD7C58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "439C861D-7612-4E6A-8D9D-F04043DA9298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD40E38-71BA-42AD-BEBB-D4AD05ADDF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5093F703-13AA-4EEC-8659-C5EB29A54AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82317650-F136-446D-904D-354B4D26E91B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06A1ACAF-A468-43F0-9FAD-FA3D48363843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A68656D9-3EA0-4749-AF1B-2F9B485A02ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BFEDAA48-3F53-4B13-BB6A-CDC63E3922A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6946291-0F27-4666-95C8-E744800D3EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79713A65-5A3A-4682-8A49-614174AB7C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4E42FFA3-6FAE-4764-AF83-F544E6BA6CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7456EEFF-15B8-4A75-B10E-AF936B4AD347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46D3F002-92E8-4CBB-8A1D-F8BCD2F782E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95DA206C-EF72-4379-9ED8-795FCAD0BE19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5ACB7E-0CEB-4417-839A-8B06615FC981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD7D35-AA9D-4589-A6BC-6D34219B7128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "611B9D43-CE88-4451-A27C-7F6F24016B4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1A7208-6273-4CC6-AB7B-DA855EEF2729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "83457EB5-BA6B-4ECB-8CB2-A10989B3A9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "49A92C9C-18DD-4FF7-A95D-72EE72C83C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC016B5-A4C2-4A78-B830-C041C8BAAD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35B99C22-9A8C-43F3-9AD8-D901D07D5FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB94DAC5-F0E1-4427-98E4-A5684BF3F408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB80759-1441-46B0-937B-848EF327CB6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6F8EE5-CECC-4B35-AAD4-8152DBF51605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE9A8A9-19D4-4C50-A4B5-2EFD8B05BAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94D0FD99-066F-4161-9524-01DD01F31527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79F8FEEF-6857-4DC8-9D0D-76D801D0E914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61EC4ECE-6719-4C54-B150-017ACB32E644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5368BD-60AC-49E7-80D4-A5B317319A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3B1D3A-B449-4F4A-9405-4B5FC9041974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "228039D8-A41B-4D04-8084-40E13941659F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "550F4476-9749-4DE8-8ACF-C17FD4D82466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B281B2AC-1F20-4330-826B-B733BD6A88D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D17799AB-2A2F-41FE-92DF-0AEDEF63CB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9E563D8F-2F1F-4B81-99F3-67879D658367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0B551D-175A-4CE6-A955-1035DBF933FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7_rev_1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D91A74D-6AD6-42A7-B7CF-EC06D47DE465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7_rev_1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "88EB827F-99C1-429D-AABA-F7CD94CF2835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7_rev1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "55AD4DCD-C856-40F4-BB12-EFE2CAD0434C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:4.7_revision_1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA040EA8-987D-4FB3-B604-FF571A7AF2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BDBE79A6-5762-4A7C-8FDA-C11FFFDCFC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "45BE66AB-3491-42CB-8594-AB041D15EA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "F6334858-DF62-467A-9126-6F0AD32D325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.0:dev:*:*:*:*:*:*",
"matchCriteriaId": "8F12CDE0-C69F-4676-B3F3-C5D89722B9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A677D3A4-F15C-4287-94B3-4CAADA4679D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24DAB8DE-2459-484C-88B5-9812CFBDC60F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BCAB7B-DF79-4DB8-A5C4-731F251A02A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.1_rev1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87BF63E1-FB1A-4D76-BF0D-F07267127504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AEAB73-F7A9-4C62-BCB6-1028DAF149DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FF34F79B-6B1B-45CA-82BA-24D4254B26DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C5857-3690-4D74-B135-B6AB7E766FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC12E03-C4B0-4B2F-B70B-0EB19C450AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.5.:*:*:*:*:*:*:*",
"matchCriteriaId": "698B4A81-4A20-4BD8-B0E5-3335B7DC190C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FD50E551-7609-45EF-B2C6-3873D9CF8DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "327712EE-8E9B-4A62-94A8-504C9CD2DE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0C4FC56B-0289-411C-88BF-144D7338D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3ECEA7-E6D3-43E8-A281-56C7F95A0B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "28BE4DF7-6884-49BA-99D0-FCAE6DB75242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7287CD-A5FB-4428-8656-F466A8E47463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E2860C3D-CB93-4355-882E-BF8B7A23CB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD400243-3FFE-457C-A977-6688D9181FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2686FD-9643-4B8A-A8BF-C67120E44A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0F851EC4-6148-4C13-890F-8260D4DF5A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "30282489-9168-4F7E-8465-1FE6521056B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "AA657ECA-ABA6-48B0-AE4B-0FA2BEFF7893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D14B91-CE74-4492-9309-0B7D8FC09691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "07D997AB-DA3A-4ADB-B8F1-B9E4B22B4D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DFEE45-D92B-4219-BA9C-465FEF88BB3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA99DB2C-9968-4AE8-B1CB-BFCC23AF6589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "C071F191-699F-4ACB-9D98-346873EE72D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9D81B4-6795-422E-BB4C-C82BA18D127F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:5.x:dev:*:*:*:*:*:*",
"matchCriteriaId": "0A450FDB-A537-479B-A22B-68DFF6AD8FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE07AAD-9207-4C5F-A108-7F7753E4F48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D4149703-F7BB-4513-9379-992C089532D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "FCBC7BB8-2B50-476D-BD96-C968F105CE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "550778E2-BEE5-403D-8744-0B18C5D3AFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "31B9F954-3A10-4378-A842-4061E97056DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*",
"matchCriteriaId": "5BD3F6D1-2530-4B4C-86BE-DFDB886BF6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc-1:*:*:*:*:*:*",
"matchCriteriaId": "7954FAA5-0455-407F-B16F-CB1FD24F9FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc-2:*:*:*:*:*:*",
"matchCriteriaId": "B254CD4E-51A2-4E8D-9B59-FA5610F76683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc-3:*:*:*:*:*:*",
"matchCriteriaId": "A4DF0926-E487-4F3B-B85B-2690127FE1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc-4:*:*:*:*:*:*",
"matchCriteriaId": "D05C77D9-E816-41A6-80DB-F4815980A83C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FDF535DF-2338-4BF8-A9AC-3B6C60C4D591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "58876D53-BCE4-459E-AC75-37E4E46621CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "937F4629-2AA1-4954-BF72-8E9CAF1B67FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6410BD0A-1B47-4EC2-8D2A-161ADBB09699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D8F291-CBEB-4EAA-9388-F63066A2DFA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BD5AEC-F20E-4E53-AF3F-2C60BA2D2171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D76BC5-0409-4D78-8064-A78B923E9167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BB73B2E1-2554-4CA2-9C82-B694509CE43A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7827ED-D8AF-42B3-B514-39A04EB0879A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F491DE31-8DBB-4F4E-8798-F82DC855D08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADEA9E5-10EB-4AB4-BD90-1F64A15708AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "64D0A167-BE47-4E4E-8467-0AD2F38A3431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CBB558-D5A3-4D68-9C62-D1D521BCFEF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D25FA1-2F31-40DB-AD54-DB233E060B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7F91E944-26C4-4886-B9B9-F32BD15569BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F7DF00E9-3952-4D1C-8ED5-3270BD9697F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0B779FA7-E371-4111-95B7-301C804DC0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B89B2E01-DFC7-4672-85E7-3930EE653806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "39169C30-5F4D-4333-B0B9-0881811F1E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A9703D3D-C2D3-4EA0-A67E-CC17B0146B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "2EEDA1EF-D7DB-47B5-BF6C-A9ED84427030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6EFE9DB8-972F-4BE2-9087-ED38ACFAA822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "13F27EC1-48AF-402C-A1A6-0B66E693ABD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "54143AC5-9F03-4BD7-8FFE-A6DAE1634504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "EE98FD40-92FB-4417-85EB-FBACA56ED5BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "C5D7A256-8631-4AD2-8B56-89FFE46A3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7DC189-520E-4EB4-BBEC-4EF0D13E0BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*",
"matchCriteriaId": "11641CDE-16A3-49BF-BF2F-AC6C01DED11A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:6.x-dev:*:*:*:*:*:*:*",
"matchCriteriaId": "7B70A5E7-A7BF-422C-9159-A345744C4557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48C33CAB-4633-418C-B162-20A2EC24E8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1750-17AD-4386-B6EE-1AFC9CDFB6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "9E0C1873-22A6-4CE9-853D-2A40BD3D9E62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "9F6DF608-0DA2-455F-AD28-7BE4A7548E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "7BCC306D-EB5D-4784-B0B1-B4F9370796F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "5639A5F3-CD18-451C-BA5A-3336C42BED83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "5B0A10CA-F59E-48AC-97E9-8476F63BAEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "07B7917C-5934-4AFF-B3DB-BE9B099B27FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "16731B53-3CD1-4B98-947B-7621162D8DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "BD738402-A50E-4AEB-8F42-607F52DE5540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "199AC10C-6E65-409B-8658-E26240B27E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*",
"matchCriteriaId": "2B378BEF-B070-4955-A6B3-8F2ACBA96832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "19EC9A36-5EDC-4519-802E-BEA69B18800A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8C281EA7-8AE1-4D5A-B03B-B3BE37740195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "024CF5B1-1875-4785-ACAF-35ECCC7914A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5F446903-51AC-4FA3-BA90-C2EA59BBDB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE86CC5-956E-4F16-BE7B-2B1CAAEB5C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AC1B21-D3BE-4B6A-AE40-8B395E81DD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5E8A73-1C02-4900-BC30-83084DC8371C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A92A41E3-BF0F-49BD-9F0F-5FDC11BF2499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "937C3149-3F34-40D8-964D-FB65EBDF0BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90CD183A-3777-44F9-8CA6-8E802058D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "68C0CC63-558B-4750-8293-926BE9EAD42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CA66BCA5-3934-449E-BAD3-D0DFBF4A04BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5030281C-CD4F-4106-A100-332A4C3C2AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D408134A-29E8-4D6A-9352-DB7F9CF55FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3B08C41E-2357-44D5-A3A7-75389B343B8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*",
"matchCriteriaId": "0F860666-578F-4B48-ABCA-1B5F2697DEAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the \"security benefit against platform complexity and performance impact\" and concluding that a change to the logout behavior is not planned because \"for most sites it is not worth the trade-off."
},
{
"lang": "es",
"value": "** DISCUTIDO ** Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Drupal 7.12 y anteriores permite a atacantes remotos secuestrar la autenticaci\u00f3n de los usuarios arbitrarios para solicitudes que terminan una sesi\u00f3n a trav\u00e9s de la URI usuario / cierre de sesi\u00f3n. NOTA: el vendedor se opone a la importancia de esta cuesti\u00f3n, teniendo en cuenta el \"beneficio de la seguridad frente a la complejidad y la plataforma de impacto en el rendimiento\" y la conclusi\u00f3n de que un cambio en el comportamiento de cierre de sesi\u00f3n no est\u00e1 previsto porque \"la mayor\u00eda de los sitios no vale la pena la compensaci\u00f3n.\""
}
],
"id": "CVE-2007-6752",
"lastModified": "2024-04-11T00:43:16.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-03-28T10:54:59.457",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://drupal.org/node/144538"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://groups.drupal.org/node/216314"
},
{
"source": "cve@mitre.org",
"url": "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18564/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.