Vulnerability Details CVE-2010-3091
The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not verifying the openid.return_to value, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://drupal.org/node/880476
- http://drupal.org/node/880480
- http://marc.info/?l=oss-security&m=128418560705305&w=2
- http://marc.info/?l=oss-security&m=128440896914512&w=2
- http://www.debian.org/security/2010/dsa-2113
- http://www.securityfocus.com/bid/42388
- http://drupal.org/node/880476
- http://drupal.org/node/880480
- http://marc.info/?l=oss-security&m=128418560705305&w=2
- http://marc.info/?l=oss-security&m=128440896914512&w=2
- http://www.debian.org/security/2010/dsa-2113
- http://www.securityfocus.com/bid/42388
Products affected by CVE-2010-3091
-
cpe:2.3:a:drupal:drupal:6.0
-
cpe:2.3:a:drupal:drupal:6.1
-
cpe:2.3:a:drupal:drupal:6.10
-
cpe:2.3:a:drupal:drupal:6.11
-
cpe:2.3:a:drupal:drupal:6.12
-
cpe:2.3:a:drupal:drupal:6.13
-
cpe:2.3:a:drupal:drupal:6.14
-
cpe:2.3:a:drupal:drupal:6.15
-
cpe:2.3:a:drupal:drupal:6.16
-
cpe:2.3:a:drupal:drupal:6.17
-
cpe:2.3:a:drupal:drupal:6.2
-
cpe:2.3:a:drupal:drupal:6.3
-
cpe:2.3:a:drupal:drupal:6.4
-
cpe:2.3:a:drupal:drupal:6.5
-
cpe:2.3:a:drupal:drupal:6.6
-
cpe:2.3:a:drupal:drupal:6.7
-
cpe:2.3:a:drupal:drupal:6.8
-
cpe:2.3:a:drupal:drupal:6.9
-
cpe:2.3:a:peter_wolanin:openid:5.x-1.0
-
cpe:2.3:a:peter_wolanin:openid:5.x-1.1
-
cpe:2.3:a:peter_wolanin:openid:5.x-1.2
-
cpe:2.3:a:peter_wolanin:openid:5.x-1.3
-
cpe:2.3:a:peter_wolanin:openid:5.x-1.x