Vulnerability Details CVE-2014-8736
The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-8736
-
cpe:2.3:a:open_atrium_project:open_atrium:6.x-1.2
-
cpe:2.3:a:open_atrium_project:open_atrium:6.x-1.4
-
cpe:2.3:a:open_atrium_project:open_atrium:6.x-1.5
-
cpe:2.3:a:open_atrium_project:open_atrium:6.x-1.6
-
cpe:2.3:a:open_atrium_project:open_atrium:6.x-1.7
-
cpe:2.3:a:open_atrium_project:open_atrium:6.x-1.9
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.0
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.01
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.04
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.09
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.12
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.13
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.15
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.16
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.17
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.18
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.19
-
cpe:2.3:a:open_atrium_project:open_atrium:7.x-2.21