CVE-2012-4494
First published: Wed Oct 31 2012(Updated: )
The Shibboleth authentication module 7.x-4.0 for Drupal does not properly check the active status of users, which allows remote blocked users to access bypass intended access restrictions and possibly have other impacts by logging in.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Niif Shibb Auth | =7.x-4.0 | |
| Drupal Drupal |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/niif
- canonical/niif shibb auth
- version/niif shibb auth/7.x-4.0
- vendor/drupal
- canonical/drupal drupal