Access bypass in Drupal - CVE-2015-2559

Published: September 14, 2016


Vulnerability identifier: #VU435
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2015-2559
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Drupal
Affected software:
Drupal core 6.x before 6.35; Drupal core 7.x before 7.35

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to another user's account.
The weakness exists because password reset URLs can be forged. The one-time token in a reset URL (/user/reset/UID/TIMESTAMP/HASH) is derived from the account's password hash and last-login timestamp but not from the account identity, so a token legitimately issued for one account also validates for any other account that has the same password hash and login time. This is only exploitable on sites where accounts share a password hash, for example accounts created through an external authentication module that leaves the password hash empty, or accounts bulk-created with a blank password. An attacker with such an account requests a reset for it and then substitutes the target's user ID into the received URL.
Successful exploitation allows the attacker to take over the targeted user's account without knowing its password.
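The mechanism described above, as an added illustration that is not part of the original advisory and not Drupal core's own code: a simplified PHP stand-in for Drupal 7's user_pass_rehash() before and after the 7.35 fix. The function names mirror Drupal's, but the helpers are reimplemented here so the script runs stand-alone; the hash salt, the two accounts and the timestamp are constructed for the demo.

```php
<?php
// Added illustration of CVE-2015-2559, not Drupal core code.
// All helpers below are stand-alone re-implementations so this file runs by itself.

// Stand-in for drupal_hmac_base64(): HMAC-SHA256, base64 with the URL-safe alphabet, no padding.
function hmac_base64_urlsafe(string $data, string $key): string {
    $raw = hash_hmac('sha256', $data, $key, true);
    return strtr(rtrim(base64_encode($raw), '='), '+/', '-_');
}

// Stand-in for drupal_get_hash_salt(); a real site reads this from settings.php (constructed value).
const HASH_SALT = 'constructed-site-salt-for-demo';

// Pre-7.35 shape of user_pass_rehash(): the token binds the request timestamp, the account's
// last-login time and its password hash, but nothing that identifies the account itself.
function user_pass_rehash_vulnerable(string $password_hash, int $timestamp, int $login): string {
    return hmac_base64_urlsafe($timestamp . $login, HASH_SALT . $password_hash);
}

// 7.35 shape (simplified): the uid is mixed into the signed data, so a token minted for one
// account no longer verifies for another even when password hash and login time coincide.
function user_pass_rehash_fixed(string $password_hash, int $timestamp, int $login, int $uid): string {
    return hmac_base64_urlsafe($timestamp . $login . $uid, HASH_SALT . $password_hash);
}

// Server-side check performed when /user/reset/UID/TIMESTAMP/HASH is visited: recompute the
// token from the *stored* fields of the account named in the URL and compare.
function reset_link_accepted(array $account, int $timestamp, string $hash, bool $fixed): bool {
    $expected = $fixed
        ? user_pass_rehash_fixed($account['pass'], $timestamp, $account['login'], $account['uid'])
        : user_pass_rehash_vulnerable($account['pass'], $timestamp, $account['login']);
    return hash_equals($expected, $hash);
}

// Constructed accounts: both were created through an external authentication module that left
// the password hash empty, and neither has ever logged in (login = 0), so their hashed fields match.
$attacker = ['uid' => 42, 'pass' => '', 'login' => 0];
$victim   = ['uid' => 7,  'pass' => '', 'login' => 0];
$timestamp = 1426694400; // constructed: the moment the attacker requests a reset for his own account

// The site mails the attacker a link for uid 42; the attacker rewrites the uid segment to 7.
$token = user_pass_rehash_vulnerable($attacker['pass'], $timestamp, $attacker['login']);
printf("vulnerable scheme, link /user/reset/%d/%d/%s accepted for uid %d: %s\n",
    $victim['uid'], $timestamp, $token, $victim['uid'],
    reset_link_accepted($victim, $timestamp, $token, false) ? 'yes' : 'no');

// Same attempt against the fixed scheme: the attacker's token was computed over uid 42,
// the server recomputes over uid 7, and the comparison fails.
$token_fixed = user_pass_rehash_fixed($attacker['pass'], $timestamp, $attacker['login'], $attacker['uid']);
printf("fixed scheme, same link with uid rewritten to %d accepted: %s\n",
    $victim['uid'],
    reset_link_accepted($victim, $timestamp, $token_fixed, true) ? 'yes' : 'no');
```

The check a site owner can run on a pre-fix install follows from the same observation: any two accounts with identical pass and login values in the users table are interchangeable from the point of view of the reset token, so a query for duplicate (pass, login) pairs with uid > 0 identifies the accounts exposed to this bypass.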

How to mitigate CVE-2015-2559

Update Drupal core to 7.35 or later on the 7.x branch, or to 6.35 or later on the 6.x branch (security advisory SA-CORE-2015-001). On sites that cannot update immediately, exposure is limited to accounts sharing a password hash, so setting a unique random password on accounts that were created with an empty or identical hash removes the precondition for the bypass.

Sources