CVE-2013-0205 Detail

CVE-2013-0205

CVE Descriptions

Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x-1.2 and 7.x-2.x before 7.x-2.0-alpha4 for Drupal allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-352	Cross-Site Request Forgery (CSRF) The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	6.8		AV:N/AC:M/Au:N/C:P/I:P/A:P	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Restful_web_services_project>>Restful_web_services >> Version From (including) 7.x-1.0 To (excluding) 7.x-1.2

Restful_web_services_project>>Restful_web_services >> Version 7.x-1.0 (Open CPE detail)
Restful_web_services_project>>Restful_web_services >> Version 7.x-1.0 (Open CPE detail)
Restful_web_services_project>>Restful_web_services >> Version 7.x-1.0 (Open CPE detail)
Restful_web_services_project>>Restful_web_services >> Version 7.x-1.1 (Open CPE detail)

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0 (Open CPE detail)

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0 (Open CPE detail)

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0 (Open CPE detail)

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0

Restful_web_services_project>>Restful_web_services >> Version 7.x-2.0 (Open CPE detail)

Drupal>>Drupal >> Version From (including) 7.0 To (including) 7.82

Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.0 (Open CPE detail)
Drupal>>Drupal >> Version 7.1 (Open CPE detail)
Drupal>>Drupal >> Version 7.2 (Open CPE detail)
Drupal>>Drupal >> Version 7.3 (Open CPE detail)
Drupal>>Drupal >> Version 7.4 (Open CPE detail)
Drupal>>Drupal >> Version 7.5 (Open CPE detail)
Drupal>>Drupal >> Version 7.6 (Open CPE detail)
Drupal>>Drupal >> Version 7.7 (Open CPE detail)
Drupal>>Drupal >> Version 7.8 (Open CPE detail)
Drupal>>Drupal >> Version 7.9 (Open CPE detail)
Drupal>>Drupal >> Version 7.10 (Open CPE detail)
Drupal>>Drupal >> Version 7.11 (Open CPE detail)
Drupal>>Drupal >> Version 7.12 (Open CPE detail)
Drupal>>Drupal >> Version 7.13 (Open CPE detail)
Drupal>>Drupal >> Version 7.14 (Open CPE detail)
Drupal>>Drupal >> Version 7.15 (Open CPE detail)
Drupal>>Drupal >> Version 7.16 (Open CPE detail)
Drupal>>Drupal >> Version 7.17 (Open CPE detail)
Drupal>>Drupal >> Version 7.18 (Open CPE detail)
Drupal>>Drupal >> Version 7.19 (Open CPE detail)
Drupal>>Drupal >> Version 7.20 (Open CPE detail)
Drupal>>Drupal >> Version 7.21 (Open CPE detail)
Drupal>>Drupal >> Version 7.22 (Open CPE detail)
Drupal>>Drupal >> Version 7.23 (Open CPE detail)
Drupal>>Drupal >> Version 7.24 (Open CPE detail)
Drupal>>Drupal >> Version 7.25 (Open CPE detail)
Drupal>>Drupal >> Version 7.26 (Open CPE detail)
Drupal>>Drupal >> Version 7.27 (Open CPE detail)
Drupal>>Drupal >> Version 7.28 (Open CPE detail)
Drupal>>Drupal >> Version 7.29 (Open CPE detail)
Drupal>>Drupal >> Version 7.30 (Open CPE detail)
Drupal>>Drupal >> Version 7.31 (Open CPE detail)
Drupal>>Drupal >> Version 7.32 (Open CPE detail)
Drupal>>Drupal >> Version 7.33 (Open CPE detail)
Drupal>>Drupal >> Version 7.34 (Open CPE detail)
Drupal>>Drupal >> Version 7.35 (Open CPE detail)
Drupal>>Drupal >> Version 7.36 (Open CPE detail)
Drupal>>Drupal >> Version 7.37 (Open CPE detail)
Drupal>>Drupal >> Version 7.38 (Open CPE detail)
Drupal>>Drupal >> Version 7.39 (Open CPE detail)
Drupal>>Drupal >> Version 7.40 (Open CPE detail)
Drupal>>Drupal >> Version 7.41 (Open CPE detail)
Drupal>>Drupal >> Version 7.42 (Open CPE detail)
Drupal>>Drupal >> Version 7.43 (Open CPE detail)
Drupal>>Drupal >> Version 7.44 (Open CPE detail)
Drupal>>Drupal >> Version 7.50 (Open CPE detail)
Drupal>>Drupal >> Version 7.51 (Open CPE detail)
Drupal>>Drupal >> Version 7.52 (Open CPE detail)
Drupal>>Drupal >> Version 7.53 (Open CPE detail)
Drupal>>Drupal >> Version 7.54 (Open CPE detail)
Drupal>>Drupal >> Version 7.55 (Open CPE detail)
Drupal>>Drupal >> Version 7.56 (Open CPE detail)
Drupal>>Drupal >> Version 7.57 (Open CPE detail)
Drupal>>Drupal >> Version 7.58 (Open CPE detail)
Drupal>>Drupal >> Version 7.59 (Open CPE detail)
Drupal>>Drupal >> Version 7.60 (Open CPE detail)
Drupal>>Drupal >> Version 7.61 (Open CPE detail)
Drupal>>Drupal >> Version 7.62 (Open CPE detail)
Drupal>>Drupal >> Version 7.63 (Open CPE detail)
Drupal>>Drupal >> Version 7.64 (Open CPE detail)
Drupal>>Drupal >> Version 7.65 (Open CPE detail)
Drupal>>Drupal >> Version 7.66 (Open CPE detail)
Drupal>>Drupal >> Version 7.67 (Open CPE detail)
Drupal>>Drupal >> Version 7.68 (Open CPE detail)
Drupal>>Drupal >> Version 7.69 (Open CPE detail)
Drupal>>Drupal >> Version 7.70 (Open CPE detail)
Drupal>>Drupal >> Version 7.71 (Open CPE detail)
Drupal>>Drupal >> Version 7.72 (Open CPE detail)
Drupal>>Drupal >> Version 7.73 (Open CPE detail)
Drupal>>Drupal >> Version 7.74 (Open CPE detail)
Drupal>>Drupal >> Version 7.75 (Open CPE detail)
Drupal>>Drupal >> Version 7.76 (Open CPE detail)
Drupal>>Drupal >> Version 7.77 (Open CPE detail)
Drupal>>Drupal >> Version 7.78 (Open CPE detail)
Drupal>>Drupal >> Version 7.79 (Open CPE detail)
Drupal>>Drupal >> Version 7.80 (Open CPE detail)
Drupal>>Drupal >> Version 7.81 (Open CPE detail)
Drupal>>Drupal >> Version 7.82 (Open CPE detail)

References

https://drupal.org/node/1890216
Tags : x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2013/01/21/5
Tags : mailing-list, x_refsource_MLIST

https://drupal.org/node/1890222
Tags : x_refsource_MISC

https://drupal.org/node/1890212
Tags : x_refsource_CONFIRM

CVE-2013-0205 : Detail

CVE-2013-0205

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

References