CVE-2013-4226
6.5MEDIUM
Key Information
- Vendor
- Drupal
- Status
- Authenticated User Page Caching (authcache) Module
- Vendor
- CVE Published:
- 18 February 2020
Summary
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser.
Affected Version(s)
Authenticated User Page Caching (Authcache) module = 7.x-1.x before 7.x-1.5
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database