Vulnerability Details CVE-2014-8735
The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.4%
CVSS Severity
CVSS v2 Score 4.0
References
Products affected by CVE-2014-8735
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.x
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.1
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.113
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.114
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.115
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.116
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.13
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.14
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.200
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.214
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.215
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.216
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.217
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.220
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.221
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2210
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2211
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2212
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2213
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2214
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2215
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.222
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.223
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.225
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.226
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.227
-
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.228
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.220
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.221
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2210
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2211
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2212
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2213
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2214
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2215
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2216
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.222
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.223
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.225
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.226
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.227
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.228
-
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.x