CVE-2016-6212

CWE-200Information Exposure5 documents5 sources
Severity
5.3MEDIUM
EPSS
0.5%
top 32.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Drupal CoreDrupal Drupal
Timeline
PublishedSep 9
Latest updateMay 17

Description

The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

Packagistdrupal/core8.08.1.3
Packagistdrupal/drupal8.08.1.3
NVDdrupal/drupal55 versions+54

🔴Vulnerability Details

3
OSV
Drupal Views can allow unauthorized users to see Statistics information2022-05-17
GHSA
Drupal Views can allow unauthorized users to see Statistics information2022-05-17
CVEList
CVE-2016-6212: The Views module 72016-09-09

💬Community

1
Bugzilla
CVE-2016-6211 CVE-2016-6212 drupal: several issues fixed in 7.442016-06-29
CVE-2016-6212 (MEDIUM CVSS 5.3) | The Views module 7.x-3.x before 7.x | cvebase.io