CVE-2013-4226

6.5MEDIUM

Key Information

Vendor
Drupal
Status
Authenticated User Page Caching (authcache) Module
Vendor
CVE Published:
18 February 2020

Summary

The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser.

Affected Version(s)

Authenticated User Page Caching (Authcache) module = 7.x-1.x before 7.x-1.5

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.