Vulnerability Description
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Drupal | Drupal | 7.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2016/07/13/4Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2016/07/13/7Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/91230
- https://www.drupal.org/SA-CORE-2016-002Vendor Advisory
- https://www.drupal.org/node/2749333Vendor Advisory
- http://www.openwall.com/lists/oss-security/2016/07/13/4Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2016/07/13/7Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/91230
- https://www.drupal.org/SA-CORE-2016-002Vendor Advisory
- https://www.drupal.org/node/2749333Vendor Advisory
FAQ
What is CVE-2016-6212?
CVE-2016-6212 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitiv...
How severe is CVE-2016-6212?
CVE-2016-6212 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6212?
Check the references section above for vendor advisories and patch information. Affected products include: Drupal Drupal.