CVE-2014-8735

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-8735
The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.

4.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
https://www.drupal.org/node/2360953 Patch Third Party Advisory
https://www.drupal.org/node/2360955 Patch Third Party Advisory
https://www.drupal.org/node/2361611 Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0:rc1:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0:rc2:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.x:dev:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.1:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2:rc14:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.13:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.14:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.113:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.114:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.115:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.116:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.200:rc14:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.216:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.217:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.220:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.221:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.222:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.223:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.225:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.226:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.227:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.228:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2210:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2211:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2212:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2213:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.220:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.221:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.222:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.223:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.225:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.226:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.227:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.228:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2210:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2211:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2212:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2213:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2216:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.x:dev:*:*:*:drupal:*:*
History

No history.

Information

Published : 2014-11-12 16:55

Updated : 2024-02-04 18:35

NVD link : CVE-2014-8735

Mitre link : CVE-2014-8735

CVE.ORG link : CVE-2014-8735

JSON object : View

Products Affected

bad_behavior_project

  • bad_behavior
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor