CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.3%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2013-6386

Drupal » Drupal » Version: 6.0

cpe:2.3:a:drupal:drupal:6.0
Drupal » Drupal » Version: 6.1

cpe:2.3:a:drupal:drupal:6.1
Drupal » Drupal » Version: 6.10

cpe:2.3:a:drupal:drupal:6.10
Drupal » Drupal » Version: 6.11

cpe:2.3:a:drupal:drupal:6.11
Drupal » Drupal » Version: 6.12

cpe:2.3:a:drupal:drupal:6.12
Drupal » Drupal » Version: 6.13

cpe:2.3:a:drupal:drupal:6.13
Drupal » Drupal » Version: 6.14

cpe:2.3:a:drupal:drupal:6.14
Drupal » Drupal » Version: 6.15

cpe:2.3:a:drupal:drupal:6.15
Drupal » Drupal » Version: 6.16

cpe:2.3:a:drupal:drupal:6.16
Drupal » Drupal » Version: 6.17

cpe:2.3:a:drupal:drupal:6.17
Drupal » Drupal » Version: 6.18

cpe:2.3:a:drupal:drupal:6.18
Drupal » Drupal » Version: 6.19

cpe:2.3:a:drupal:drupal:6.19
Drupal » Drupal » Version: 6.2

cpe:2.3:a:drupal:drupal:6.2
Drupal » Drupal » Version: 6.20

cpe:2.3:a:drupal:drupal:6.20
Drupal » Drupal » Version: 6.21

cpe:2.3:a:drupal:drupal:6.21
Drupal » Drupal » Version: 6.22

cpe:2.3:a:drupal:drupal:6.22
Drupal » Drupal » Version: 6.23

cpe:2.3:a:drupal:drupal:6.23
Drupal » Drupal » Version: 6.24

cpe:2.3:a:drupal:drupal:6.24
Drupal » Drupal » Version: 6.25

cpe:2.3:a:drupal:drupal:6.25
Drupal » Drupal » Version: 6.26

cpe:2.3:a:drupal:drupal:6.26
Drupal » Drupal » Version: 6.27

cpe:2.3:a:drupal:drupal:6.27
Drupal » Drupal » Version: 6.28

cpe:2.3:a:drupal:drupal:6.28
Drupal » Drupal » Version: 6.3

cpe:2.3:a:drupal:drupal:6.3
Drupal » Drupal » Version: 6.4

cpe:2.3:a:drupal:drupal:6.4
Drupal » Drupal » Version: 6.5

cpe:2.3:a:drupal:drupal:6.5
Drupal » Drupal » Version: 6.6

cpe:2.3:a:drupal:drupal:6.6
Drupal » Drupal » Version: 6.7

cpe:2.3:a:drupal:drupal:6.7
Drupal » Drupal » Version: 6.8

cpe:2.3:a:drupal:drupal:6.8
Drupal » Drupal » Version: 6.9

cpe:2.3:a:drupal:drupal:6.9
Drupal » Drupal » Version: 7.0

cpe:2.3:a:drupal:drupal:7.0
Drupal » Drupal » Version: 7.1

cpe:2.3:a:drupal:drupal:7.1
Drupal » Drupal » Version: 7.10

cpe:2.3:a:drupal:drupal:7.10
Drupal » Drupal » Version: 7.11

cpe:2.3:a:drupal:drupal:7.11
Drupal » Drupal » Version: 7.12

cpe:2.3:a:drupal:drupal:7.12
Drupal » Drupal » Version: 7.13

cpe:2.3:a:drupal:drupal:7.13
Drupal » Drupal » Version: 7.14

cpe:2.3:a:drupal:drupal:7.14
Drupal » Drupal » Version: 7.15

cpe:2.3:a:drupal:drupal:7.15
Drupal » Drupal » Version: 7.16

cpe:2.3:a:drupal:drupal:7.16
Drupal » Drupal » Version: 7.17

cpe:2.3:a:drupal:drupal:7.17
Drupal » Drupal » Version: 7.18

cpe:2.3:a:drupal:drupal:7.18
Drupal » Drupal » Version: 7.19

cpe:2.3:a:drupal:drupal:7.19
Drupal » Drupal » Version: 7.2

cpe:2.3:a:drupal:drupal:7.2
Drupal » Drupal » Version: 7.20

cpe:2.3:a:drupal:drupal:7.20
Drupal » Drupal » Version: 7.21

cpe:2.3:a:drupal:drupal:7.21
Drupal » Drupal » Version: 7.22

cpe:2.3:a:drupal:drupal:7.22
Drupal » Drupal » Version: 7.23

cpe:2.3:a:drupal:drupal:7.23
Drupal » Drupal » Version: 7.3

cpe:2.3:a:drupal:drupal:7.3
Drupal » Drupal » Version: 7.4

cpe:2.3:a:drupal:drupal:7.4
Drupal » Drupal » Version: 7.5

cpe:2.3:a:drupal:drupal:7.5
Drupal » Drupal » Version: 7.6

cpe:2.3:a:drupal:drupal:7.6
Drupal » Drupal » Version: 7.7

cpe:2.3:a:drupal:drupal:7.7
Drupal » Drupal » Version: 7.8

cpe:2.3:a:drupal:drupal:7.8
Drupal » Drupal » Version: 7.9

cpe:2.3:a:drupal:drupal:7.9
Drupal » Drupal » Version: 7.x-dev

cpe:2.3:a:drupal:drupal:7.x-dev

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6386

Products

Pricing

Contact Us