CVE-2013-4230

{"id": "CVE-2013-4230", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-08-21T14:55:07.150", "references": [{"url": "http://secunia.com/advisories/54391", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2013/08/10/1", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/61711", "source": "secalert@redhat.com"}, {"url": "https://drupal.org/node/2059805", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://drupal.org/node/2059807", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://drupal.org/node/2059823", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86326", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/54391", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2013/08/10/1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/61711", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://drupal.org/node/2059805", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://drupal.org/node/2059807", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://drupal.org/node/2059823", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86326", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The mm_webform submodule in the Monster Menus module 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13 for Drupal does not properly restrict access to webform submissions, which allows remote authenticated users with the \"Who can read data submitted to this webform\" permission to delete arbitrary submissions via unspecified vectors."}, {"lang": "es", "value": "El submodulo mm_webform en el modulo Monster Menus v6.x-6.x anterior a v6.x-6.61 y v7.x-1.x anterior a v7.x-1.13 para Drupal no restringe adecuadamente el acceso a env\u00edos en formularios web, lo que permite a usuarios remotos autenticados con el permiso \"Who can read data submitted to this webform\" eliminar env\u00edos arbitrarios mediante vectores no especificados."}], "lastModified": "2025-08-27T15:51:13.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F426D106-1E21-4B71-A2D2-5AB534FEEB75"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B28206EB-06A3-45CE-8B38-03EDE9279D58"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EBF1A73-BD2E-418A-8CD0-32B74482A221"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C798EE3-7EA7-4457-A539-C891AAF37E3A"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29B8ECF1-EA3E-43C7-A6C3-818351E1579F"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A0512B8-57EA-400C-B618-327D6066837B"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B29FC23-67BB-481E-850B-83789B407739"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F12720B-1ECF-47E0-A33A-ED218DDBEFDB"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA9C5D7C-72A3-43BF-A49F-543DE1E95655"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBB5BA55-18FF-4F85-82FF-341B2AB63329"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C0423D2-84E9-43E9-A852-CBED9C374FC6"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD47CB10-720A-4DD1-91C6-FF91E1AE89D2"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "551794E1-335D-4047-9608-E4C49D8E1B66"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0497A854-D018-4F6F-B49F-1FDC71775F8D"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B30C1CD-935C-4078-92E1-8B69567658B4"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE792197-F358-43E2-AEEF-347665146DCB"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D7E4CB2-EA83-4485-8490-4EF234BBEB01"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8426E0A7-90D5-4F48-B332-E958BB099664"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "063EB9F8-7FCF-4B90-A8FA-807DB9DA6FB2"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56DF7730-8F6E-4033-A507-BC58F819053B"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77F65135-F653-4123-A565-74DCFE4066AB"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BBA6B8B-BE22-41B8-9AE2-2EDB7DBFF6D8"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8222F8A-E34B-43A0-BFB4-3FEC562FE863"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D7B6ABF-E64F-4FFA-9002-315E4F31D342"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A411E157-887D-4C9F-AF36-8DF460AC55A3"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.59:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77F886A2-9949-4675-B064-534A7B1A17C2"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "049A03A3-2F31-46AA-B6B9-8827F6869182"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "387079CC-E29E-42B4-BA96-0D9DEB02C247"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "897362CE-78ED-4177-B0A8-0164C5B9D9F2"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA56DCD2-95DB-4D0B-80F1-40F5FF77D7F1"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA35F41F-D978-49CC-B17B-44CB652D9FBE"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7E4A68B-0860-4FD6-AA7F-153E077ED4F5"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A1F27FE-41BD-4222-9CCC-99D196B358D7"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B953F1B9-C93B-43C4-A338-A75C58F5C749"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB532078-695C-4F2F-AD63-DD45857B3E51"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6188C115-D99D-4351-BB12-360DEA370484"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD7EB7F5-DE00-4D0E-AC40-CFC18A077038"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24AD0E1B-9BBD-4A48-BDBA-082A7F478806"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEBD2FD9-8746-4C5C-BD3E-4D93D7B0FD93"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51618882-CE6A-4804-A1B2-A3AD52A1F1EB"}, {"criteria": "cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.x:dev:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D3010D1-A70C-4D77-8679-61CA9D8BD7B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secalert@redhat.com"}