Vulnerability Details CVE-2013-2198
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.openwall.com/lists/oss-security/2013/06/20/3
- https://drupal.org/node/2023503
- https://drupal.org/node/2023507
- https://drupal.org/node/2023585
- http://www.openwall.com/lists/oss-security/2013/06/20/3
- https://drupal.org/node/2023503
- https://drupal.org/node/2023507
- https://drupal.org/node/2023585
Products affected by CVE-2013-2198
-
cpe:2.3:a:login_security_project:login_security:6.x-1.0
-
cpe:2.3:a:login_security_project:login_security:6.x-1.1
-
cpe:2.3:a:login_security_project:login_security:6.x-1.2
-
cpe:2.3:a:login_security_project:login_security:6.x-1.3
-
cpe:2.3:a:login_security_project:login_security:6.x-1.x
-
cpe:2.3:a:login_security_project:login_security:7.x-1.0
-
cpe:2.3:a:login_security_project:login_security:7.x-1.1
-
cpe:2.3:a:login_security_project:login_security:7.x-1.2
-
cpe:2.3:a:login_security_project:login_security:7.x-1.3
-
cpe:2.3:a:login_security_project:login_security:7.x-1.x