CVE-2016-3164

Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on a 404 error page, related to path manipulation.

CVSS v3.0 7.4 HIGH
CVSS v2.0 5.8 MEDIUM

7.4^/10

CVSS v3.0 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Exploitability : 2.8 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.openwall.com/lists/oss-security/2016/02/24/19
http://www.debian.org/security/2016/dsa-3498
https://www.drupal.org/SA-CORE-2016-001	Patch Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/03/15/10

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:drupal:drupal:8.0.3:::::::*
	cpe:2.3:a:drupal:drupal:8.0.2:::::::*
	cpe:2.3:a:drupal:drupal:8.0.1:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:beta6::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta4::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta3::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta2::::::
	cpe:2.3:a:drupal:drupal:8.0.0:rc3::::::
	cpe:2.3:a:drupal:drupal:8.0.0:rc1::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta12::::::
	cpe:2.3:a:drupal:drupal:7.0:dev::::::
	cpe:2.3:a:drupal:drupal:7.21:::::::*
	cpe:2.3:a:drupal:drupal:7.0:rc2::::::
	cpe:2.3:a:drupal:drupal:7.15:::::::*
	cpe:2.3:a:drupal:drupal:7.38:::::::*
	cpe:2.3:a:drupal:drupal:7.3:::::::*
	cpe:2.3:a:drupal:drupal:7.0:alpha4::::::
	cpe:2.3:a:drupal:drupal:7.13:::::::*
	cpe:2.3:a:drupal:drupal:7.5:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:beta7::::::
	cpe:2.3:a:drupal:drupal:7.x-dev:::::::*
	cpe:2.3:a:drupal:drupal:7.28:::::::*
	cpe:2.3:a:drupal:drupal:7.0:alpha2::::::
	cpe:2.3:a:drupal:drupal:8.0.0:alpha14::::::
	cpe:2.3:a:drupal:drupal:6.8:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:alpha7::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta10::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta1::::::
	cpe:2.3:a:drupal:drupal:7.32:::::::*
	cpe:2.3:a:drupal:drupal:6.6:::::::*
	cpe:2.3:a:drupal:drupal:7.2:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:alpha5::::::
	cpe:2.3:a:drupal:drupal:7.0:alpha7::::::
	cpe:2.3:a:drupal:drupal:7.16:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:beta15::::::
	cpe:2.3:a:drupal:drupal:6.2:::::::*
	cpe:2.3:a:drupal:drupal:7.18:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:alpha11::::::
	cpe:2.3:a:drupal:drupal:8.0.0:beta16::::::
	cpe:2.3:a:drupal:drupal:6.24:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:alpha4::::::
	cpe:2.3:a:drupal:drupal:6.0:dev::::::
	cpe:2.3:a:drupal:drupal:6.18:::::::*
	cpe:2.3:a:drupal:drupal:7.41:::::::*
	cpe:2.3:a:drupal:drupal:7.0:beta2::::::
	cpe:2.3:a:drupal:drupal:8.0.0:alpha3::::::
	cpe:2.3:a:drupal:drupal:6.0:beta4::::::
	cpe:2.3:a:drupal:drupal:8.0.0:alpha2::::::
	cpe:2.3:a:drupal:drupal:6.32:::::::*
	cpe:2.3:a:drupal:drupal:7.17:::::::*
	cpe:2.3:a:drupal:drupal:7.35:::::::*
	cpe:2.3:a:drupal:drupal:6.0:rc3::::::
	cpe:2.3:a:drupal:drupal:6.4:::::::*
	cpe:2.3:a:drupal:drupal:6.0:beta1::::::
	cpe:2.3:a:drupal:drupal:7.34:::::::*
	cpe:2.3:a:drupal:drupal:6.36:::::::*
	cpe:2.3:a:drupal:drupal:6.35:::::::*
	cpe:2.3:a:drupal:drupal:6.30:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:alpha12::::::
	cpe:2.3:a:drupal:drupal:6.22:::::::*
	cpe:2.3:a:drupal:drupal:6.19:::::::*
	cpe:2.3:a:drupal:drupal:8.0.0:beta13::::::
	cpe:2.3:a:drupal:drupal:7.33:::::::*
cpe:2.3:a:drupal:drupal:6.1:::::::*
cpe:2.3:a:drupal:drupal:6.21:::::::*
cpe:2.3:a:drupal:drupal:7.0:alpha6::::::
cpe:2.3:a:drupal:drupal:7.19:::::::*
cpe:2.3:a:drupal:drupal:7.0:beta1::::::
cpe:2.3:a:drupal:drupal:6.0:beta3::::::
cpe:2.3:a:drupal:drupal:6.16:::::::*
cpe:2.3:a:drupal:drupal:6.34:::::::*
cpe:2.3:a:drupal:drupal:6.0:rc1::::::
cpe:2.3:a:drupal:drupal:7.42:::::::*
cpe:2.3:a:drupal:drupal:6.20:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:beta14::::::
cpe:2.3:a:drupal:drupal:7.36:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:alpha9::::::
cpe:2.3:a:drupal:drupal:7.0:alpha5::::::
cpe:2.3:a:drupal:drupal:6.0:beta2::::::
cpe:2.3:a:drupal:drupal:6.33:::::::*
cpe:2.3:a:drupal:drupal:7.40:::::::*
cpe:2.3:a:drupal:drupal:6.0:rc2::::::
cpe:2.3:a:drupal:drupal:7.0:rc4::::::
cpe:2.3:a:drupal:drupal:6.14:::::::*
cpe:2.3:a:drupal:drupal:6.13:::::::*
cpe:2.3:a:drupal:drupal:6.25:::::::*
cpe:2.3:a:drupal:drupal:7.0:rc3::::::
cpe:2.3:a:drupal:drupal:7.0:alpha1::::::
cpe:2.3:a:drupal:drupal:6.12:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:alpha6::::::
cpe:2.3:a:drupal:drupal:7.8:::::::*
cpe:2.3:a:drupal:drupal:7.20:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:beta11::::::
cpe:2.3:a:drupal:drupal:6.0:rc4::::::
cpe:2.3:a:drupal:drupal:6.11:::::::*
cpe:2.3:a:drupal:drupal:7.10:::::::*
cpe:2.3:a:drupal:drupal:7.30:::::::*
cpe:2.3:a:drupal:drupal:7.27:::::::*
cpe:2.3:a:drupal:drupal:7.6:::::::*
cpe:2.3:a:drupal:drupal:7.12:::::::*
cpe:2.3:a:drupal:drupal:7.9:::::::*
cpe:2.3:a:drupal:drupal:7.0:rc1::::::
cpe:2.3:a:drupal:drupal:6.26:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:rc4::::::
cpe:2.3:a:drupal:drupal:8.0.0:alpha15::::::
cpe:2.3:a:drupal:drupal:7.0:beta3::::::
cpe:2.3:a:drupal:drupal:7.4:::::::*
cpe:2.3:a:drupal:drupal:6.7:::::::*
cpe:2.3:a:drupal:drupal:7.22:::::::*
cpe:2.3:a:drupal:drupal:6.27:::::::*
cpe:2.3:a:drupal:drupal:7.11:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:alpha13::::::
cpe:2.3:a:drupal:drupal:6.28:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:alpha10::::::
cpe:2.3:a:drupal:drupal:6.17:::::::*
cpe:2.3:a:drupal:drupal:6.5:::::::*
cpe:2.3:a:drupal:drupal:7.25:::::::*
cpe:2.3:a:drupal:drupal:7.0:::::::*
cpe:2.3:a:drupal:drupal:7.24:::::::*
cpe:2.3:a:drupal:drupal:6.31:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:alpha8::::::
cpe:2.3:a:drupal:drupal:6.10:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:rc2::::::
cpe:2.3:a:drupal:drupal:7.14:::::::*
cpe:2.3:a:drupal:drupal:7.23:::::::*
cpe:2.3:a:drupal:drupal:7.26:::::::*
cpe:2.3:a:drupal:drupal:6.23:::::::*
cpe:2.3:a:drupal:drupal:7.29:::::::*
cpe:2.3:a:drupal:drupal:6.0:::::::*
cpe:2.3:a:drupal:drupal:7.1:::::::*
cpe:2.3:a:drupal:drupal:7.31:::::::*
cpe:2.3:a:drupal:drupal:6.15:::::::*
cpe:2.3:a:drupal:drupal:7.7:::::::*
cpe:2.3:a:drupal:drupal:7.0:alpha3::::::
cpe:2.3:a:drupal:drupal:6.3:::::::*
cpe:2.3:a:drupal:drupal:6.29:::::::*
cpe:2.3:a:drupal:drupal:7.37:::::::*
cpe:2.3:a:drupal:drupal:6.37:::::::*
cpe:2.3:a:drupal:drupal:8.0.0:beta9::::::
cpe:2.3:a:drupal:drupal:6.9:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*

Information

Published : 2016-04-12 08:59

Updated : 2016-04-12 17:55

NVD link : CVE-2016-3164

Mitre link : CVE-2016-3164

JSON object : View

CWE

NVD-CWE-Other

Products Affected

debian

debian_linux

drupal

drupal

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2016/02/24/19", "name": "[oss-security] 20160224 CVE requests for Drupal core (SA-CORE-2016-001)", "tags": [], "refsource": "MLIST"}, {"url": "http://www.debian.org/security/2016/dsa-3498", "name": "DSA-3498", "tags": [], "refsource": "DEBIAN"}, {"url": "https://www.drupal.org/SA-CORE-2016-001", "name": "https://www.drupal.org/SA-CORE-2016-001", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2016/03/15/10", "name": "[oss-security] 20160315 Re: CVE requests for Drupal core (SA-CORE-2016-001)", "tags": [], "refsource": "MLIST"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on a 404 error page, related to path manipulation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2016-3164", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.0", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.8}}, "publishedDate": "2016-04-12T15:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-04-13T00:55Z"}

7.4 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

5.8 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2016-3164

7.4^/10

5.8^/10

Attach tags to `CVE-2016-3164`