Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2016-3170

The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2016-3170
  • Drupal » Drupal » Version: 7.0
    cpe:2.3:a:drupal:drupal:7.0
  • Drupal » Drupal » Version: 7.1
    cpe:2.3:a:drupal:drupal:7.1
  • Drupal » Drupal » Version: 7.10
    cpe:2.3:a:drupal:drupal:7.10
  • Drupal » Drupal » Version: 7.11
    cpe:2.3:a:drupal:drupal:7.11
  • Drupal » Drupal » Version: 7.12
    cpe:2.3:a:drupal:drupal:7.12
  • Drupal » Drupal » Version: 7.13
    cpe:2.3:a:drupal:drupal:7.13
  • Drupal » Drupal » Version: 7.14
    cpe:2.3:a:drupal:drupal:7.14
  • Drupal » Drupal » Version: 7.15
    cpe:2.3:a:drupal:drupal:7.15
  • Drupal » Drupal » Version: 7.16
    cpe:2.3:a:drupal:drupal:7.16
  • Drupal » Drupal » Version: 7.17
    cpe:2.3:a:drupal:drupal:7.17
  • Drupal » Drupal » Version: 7.18
    cpe:2.3:a:drupal:drupal:7.18
  • Drupal » Drupal » Version: 7.19
    cpe:2.3:a:drupal:drupal:7.19
  • Drupal » Drupal » Version: 7.2
    cpe:2.3:a:drupal:drupal:7.2
  • Drupal » Drupal » Version: 7.20
    cpe:2.3:a:drupal:drupal:7.20
  • Drupal » Drupal » Version: 7.21
    cpe:2.3:a:drupal:drupal:7.21
  • Drupal » Drupal » Version: 7.22
    cpe:2.3:a:drupal:drupal:7.22
  • Drupal » Drupal » Version: 7.23
    cpe:2.3:a:drupal:drupal:7.23
  • Drupal » Drupal » Version: 7.24
    cpe:2.3:a:drupal:drupal:7.24
  • Drupal » Drupal » Version: 7.25
    cpe:2.3:a:drupal:drupal:7.25
  • Drupal » Drupal » Version: 7.26
    cpe:2.3:a:drupal:drupal:7.26
  • Drupal » Drupal » Version: 7.27
    cpe:2.3:a:drupal:drupal:7.27
  • Drupal » Drupal » Version: 7.28
    cpe:2.3:a:drupal:drupal:7.28
  • Drupal » Drupal » Version: 7.29
    cpe:2.3:a:drupal:drupal:7.29
  • Drupal » Drupal » Version: 7.3
    cpe:2.3:a:drupal:drupal:7.3
  • Drupal » Drupal » Version: 7.30
    cpe:2.3:a:drupal:drupal:7.30
  • Drupal » Drupal » Version: 7.33
    cpe:2.3:a:drupal:drupal:7.33
  • Drupal » Drupal » Version: 7.34
    cpe:2.3:a:drupal:drupal:7.34
  • Drupal » Drupal » Version: 7.35
    cpe:2.3:a:drupal:drupal:7.35
  • Drupal » Drupal » Version: 7.36
    cpe:2.3:a:drupal:drupal:7.36
  • Drupal » Drupal » Version: 7.37
    cpe:2.3:a:drupal:drupal:7.37
  • Drupal » Drupal » Version: 7.38
    cpe:2.3:a:drupal:drupal:7.38
  • Drupal » Drupal » Version: 7.39
    cpe:2.3:a:drupal:drupal:7.39
  • Drupal » Drupal » Version: 7.4
    cpe:2.3:a:drupal:drupal:7.4
  • Drupal » Drupal » Version: 7.40
    cpe:2.3:a:drupal:drupal:7.40
  • Drupal » Drupal » Version: 7.41
    cpe:2.3:a:drupal:drupal:7.41
  • Drupal » Drupal » Version: 7.42
    cpe:2.3:a:drupal:drupal:7.42
  • Drupal » Drupal » Version: 7.5
    cpe:2.3:a:drupal:drupal:7.5
  • Drupal » Drupal » Version: 7.6
    cpe:2.3:a:drupal:drupal:7.6
  • Drupal » Drupal » Version: 7.7
    cpe:2.3:a:drupal:drupal:7.7
  • Drupal » Drupal » Version: 7.8
    cpe:2.3:a:drupal:drupal:7.8
  • Drupal » Drupal » Version: 7.9
    cpe:2.3:a:drupal:drupal:7.9
  • Drupal » Drupal » Version: 7.x-dev
    cpe:2.3:a:drupal:drupal:7.x-dev
  • Drupal » Drupal » Version: 8.0
    cpe:2.3:a:drupal:drupal:8.0
  • Drupal » Drupal » Version: 8.0.1
    cpe:2.3:a:drupal:drupal:8.0.1
  • Drupal » Drupal » Version: 8.0.2
    cpe:2.3:a:drupal:drupal:8.0.2
  • Drupal » Drupal » Version: 8.0.3
    cpe:2.3:a:drupal:drupal:8.0.3
  • Debian » Debian Linux » Version: 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Debian » Debian Linux » Version: 8.0
    cpe:2.3:o:debian:debian_linux:8.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved