Remote Code Execution Vulnerability in Drupal 7.x by Acquia
CVE-2015-3231

Currently unrated

Key Information:

Vendor

Drupal
Status
Drupal
Vendor
CVE Published:
22 June 2015

What is CVE-2015-3231?

The Render cache system in Drupal 7.x prior to version 7.38 is vulnerable due to improper caching rules that allow remote authenticated users to access private content belonging to user 1. This vulnerability arises when content is cached based on user roles, potentially exposing sensitive data that should remain confidential. Websites utilizing this version may be at risk, emphasizing the need for immediate updates to secure private content from unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2015/dsa-3291
vendor-advisoryx_refsource_DEBIAN
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.