CVE-2014-9016
Currently unrated 🤨
Key Information
- Vendor
- Drupal
- Status
- Drupal
- Secure Passwords Hashes
- Vendor
- CVE Published:
- 24 November 2014
Badges
👾 Exploit Exists🔴 Public PoC
Summary
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
EPSS Score
4% chance of being exploited in the next 30 days.
Timeline
- 👾
Exploit exists.
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database2 Proof of Concept(s)