Vulnerability Description
The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not ensuring that fields are signed, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Drupal | Drupal | 6.0 |
| Peter Wolanin | Openid | 5.x-1.0 |
Related Weaknesses (CWE)
References
- http://drupal.org/node/880476PatchVendor Advisory
- http://drupal.org/node/880480PatchVendor Advisory
- http://marc.info/?l=oss-security&m=128418560705305&w=2
- http://marc.info/?l=oss-security&m=128440896914512&w=2
- http://www.debian.org/security/2010/dsa-2113
- http://www.securityfocus.com/bid/42388
- http://drupal.org/node/880476PatchVendor Advisory
- http://drupal.org/node/880480PatchVendor Advisory
- http://marc.info/?l=oss-security&m=128418560705305&w=2
- http://marc.info/?l=oss-security&m=128440896914512&w=2
- http://www.debian.org/security/2010/dsa-2113
- http://www.securityfocus.com/bid/42388
FAQ
What is CVE-2010-3686?
CVE-2010-3686 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not ensuring that fields are signed, which allows remote attackers...
How severe is CVE-2010-3686?
CVE-2010-3686 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3686?
Check the references section above for vendor advisories and patch information. Affected products include: Drupal Drupal, Peter Wolanin Openid.