Vulnerability Description
The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified vectors.
CVSS Score
3.5
LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Drupal | Organic Groups Menu | <= 7.x-2.1 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98445
- https://www.drupal.org/node/2365259Patch
- https://www.drupal.org/node/2365685PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98445
- https://www.drupal.org/node/2365259Patch
- https://www.drupal.org/node/2365685PatchVendor Advisory
FAQ
What is CVE-2014-8734?
CVE-2014-8734 is a vulnerability with a CVSS score of 3.5 (LOW). The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified vec...
How severe is CVE-2014-8734?
CVE-2014-8734 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8734?
Check the references section above for vendor advisories and patch information. Affected products include: Drupal Organic Groups Menu.