Vulnerability Description
The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Misery Project | Misery | 6.x-2.0 |
Related Weaknesses (CWE)
References
- http://seclists.org/oss-sec/2013/q4/317
- http://www.securityfocus.com/bid/63705
- https://drupal.org/node/2134409Patch
- https://drupal.org/node/2134413Patch
- https://drupal.org/node/2135273Vendor Advisory
- http://seclists.org/oss-sec/2013/q4/317
- http://www.securityfocus.com/bid/63705
- https://drupal.org/node/2134409Patch
- https://drupal.org/node/2134413Patch
- https://drupal.org/node/2135273Vendor Advisory
FAQ
What is CVE-2013-4599?
CVE-2013-4599 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (proc...
How severe is CVE-2013-4599?
CVE-2013-4599 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4599?
Check the references section above for vendor advisories and patch information. Affected products include: Misery Project Misery.