CVE-2015-8232

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Information Leak / Disclosure

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 17/11/15 - Updated on 18/11/15

Description

The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2015-8232

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
uc_profile_projectuc_profile

Share this vulnerability with:

Twitter Facebook LinkedIn Mail