Access bypass in Drupal Drupal

1) Access bypass

EUVDB-ID: #VU492

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: N/A

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a user to get access to his session on Drupal site.
The weakness is caused by access control error and allows a blocked user to maintain his session still being blocked.
Successful exploitation of the vunerability results in gaining access to the session on Drupal site by blocked user.

Mitigation

Update 5.x to 5.22.
http://ftp.drupal.org/files/projects/drupal-5.22.tar.gz
Update 6.x to 6.16.
http://ftp.drupal.org/files/projects/drupal-6.16.tar.gz

Vulnerable software versions

Drupal: 5.0 - 6.15

CPE2.3

• cpe:2.3:a:drupal:drupal:5.0:*:*:*:*:*:*:*
• cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
• cpe:2.3:a:drupal:drupal:5.3:*:*:*:*:*:*:*
• cpe:2.3:a:drupal:drupal:5.4:*:*:*:*:*:*:*
• cpe:2.3:a:drupal:drupal:5.9:*:*:*:*:*:*:*
• cpe:2.3:a:drupal:drupal:5.10:*:*:*:*:*:*:*

External links

https://www.drupal.org/node/73171

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.