What is the severity of CVE-2007-1368?

CVE-2007-1368 is considered to have a medium severity level due to the potential for unauthorized access to private information.

How do I fix CVE-2007-1368?

To fix CVE-2007-1368, update the Drupal project issue tracking module to version 4.7.x-1.3 or later, or 5.x-0.2-beta or later.

Who is affected by CVE-2007-1368?

Users of the affected versions of the Drupal project issue tracking module who have authenticated access and the 'access project issues' permission are at risk.

What are the affected versions of Drupal for CVE-2007-1368?

The affected versions of Drupal for CVE-2007-1368 include versions before 4.7.x-1.3, 4.7.x-2.x before 4.7.x-2.3, and versions before 5.x-0.2-beta.

What is the nature of the vulnerability in CVE-2007-1368?

CVE-2007-1368 allows remote authenticated users to read the contents of a private node by manipulating the node identifier.

Vulnerability/
CVE-2007-1368

low

3.5

CWE

NVD-CWE-Other

9/3/2007

7/8/2024

CVE-2007-1368

First published: Fri Mar 09 2007(Updated: )

The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with "access project issues" permission, to read the contents of a private node via a URL with a modified node identifier.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Drupal Drupal Project Issue Tracking	=4.7_2.1
Drupal Drupal Project Issue Tracking	=5.0_0.1
Drupal Drupal Project Issue Tracking	=5.7_1.1
Drupal Drupal Project Issue Tracking	=4.7_1.2
Drupal Drupal Project Issue Tracking	=4.7_2.0
Drupal Drupal Project Issue Tracking	=4.7_1.0
Drupal Drupal Project Issue Tracking	=4.7_2.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-1368?
CVE-2007-1368 is considered to have a medium severity level due to the potential for unauthorized access to private information.
How do I fix CVE-2007-1368?
To fix CVE-2007-1368, update the Drupal project issue tracking module to version 4.7.x-1.3 or later, or 5.x-0.2-beta or later.
Who is affected by CVE-2007-1368?
Users of the affected versions of the Drupal project issue tracking module who have authenticated access and the 'access project issues' permission are at risk.
What are the affected versions of Drupal for CVE-2007-1368?
The affected versions of Drupal for CVE-2007-1368 include versions before 4.7.x-1.3, 4.7.x-2.x before 4.7.x-2.3, and versions before 5.x-0.2-beta.
What is the nature of the vulnerability in CVE-2007-1368?
CVE-2007-1368 allows remote authenticated users to read the contents of a private node by manipulating the node identifier.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/references
agent/severity
agent/last-modified-date
agent/author
agent/tags
agent/event
agent/description
agent/first-publish-date
agent/source
vendor/drupal
canonical/drupal drupal project issue tracking
version/drupal drupal project issue tracking/4.7_2.1
version/drupal drupal project issue tracking/5.0_0.1
version/drupal drupal project issue tracking/5.7_1.1
version/drupal drupal project issue tracking/4.7_1.2
version/drupal drupal project issue tracking/4.7_2.0
version/drupal drupal project issue tracking/4.7_1.0
version/drupal drupal project issue tracking/4.7_2.2

CVE-2007-1368

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-1368?

How do I fix CVE-2007-1368?

Who is affected by CVE-2007-1368?

What are the affected versions of Drupal for CVE-2007-1368?

What is the nature of the vulnerability in CVE-2007-1368?

Company

Resources

Contact