CVE-2014-9016

Currently unrated 🤨

Key Information

Vendor
Drupal
Status
Drupal
Secure Passwords Hashes
Vendor
CVE Published:
24 November 2014

Badges

👾 Exploit Exists🔴 Public PoC

Summary

The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

EPSS Score

4% chance of being exploited in the next 30 days.

Timeline

  • 👾

    Exploit exists.

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database2 Proof of Concept(s)
.