Vulnerability Details CVE-2017-20001
The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security advisory policy.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2017-20001
-
cpe:2.3:a:aes_encryption_project:aes_encryption:7.x-1.10
-
cpe:2.3:a:aes_encryption_project:aes_encryption:7.x-1.4
-
cpe:2.3:a:aes_encryption_project:aes_encryption:8.x-2.1
-
cpe:2.3:a:aes_encryption_project:aes_encryption:8.x-2.4