What is the severity of CVE-2012-5655?

CVE-2012-5655 is considered a moderate severity vulnerability due to improper access controls in the Context module.

How do I fix CVE-2012-5655?

To fix CVE-2012-5655, update the Context module to version 6.x-3.1 or 7.x-3.0-beta6 and later.

Who is affected by CVE-2012-5655?

CVE-2012-5655 affects installations of the Context module prior to the patched versions on Drupal 6.x and 7.x.

What type of vulnerability is CVE-2012-5655?

CVE-2012-5655 is an access control vulnerability that allows unauthorized access to sensitive information.

Can I still use the Context module if I have CVE-2012-5655 installed?

While you can still use the Context module, it is highly recommended to update immediately to mitigate risks associated with CVE-2012-5655.

Vulnerability/
CVE-2012-5655

medium

CWE

264

3/1/2013

6/8/2024

CVE-2012-5655

First published: Thu Jan 03 2013(Updated: )

The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before 7.x-3.0-beta6 for Drupal does not properly restrict access to block content, which allows remote attackers to obtain sensitive information via a crafted request.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Steven Jones Context	=6.x-3.0
Steven Jones Context	=6.x-3.0-alpha1
Steven Jones Context	=6.x-3.0-alpha2
Steven Jones Context	=6.x-3.0-beta1
Steven Jones Context	=6.x-3.0-beta2
Steven Jones Context	=6.x-3.0-beta3
Steven Jones Context	=6.x-3.0-beta4
Steven Jones Context	=6.x-3.0-beta5
Steven Jones Context	=6.x-3.0-beta6
Steven Jones Context	=6.x-3.0-beta7
Steven Jones Context	=6.x-3.0-beta8
Steven Jones Context	=6.x-3.0-rc1
Steven Jones Context	=6.x-3.0-rc2
Steven Jones Context	=6.x-3.x-dev
Steven Jones Context	=7.x-3.0-alpha1
Steven Jones Context	=7.x-3.0-alpha2
Steven Jones Context	=7.x-3.0-alpha3
Steven Jones Context	=7.x-3.0-beta1
Steven Jones Context	=7.x-3.0-beta2
Steven Jones Context	=7.x-3.0-beta3
Steven Jones Context	=7.x-3.0-beta4
Steven Jones Context	=7.x-3.0-beta5
Steven Jones Context	=7.x-3.x-dev
Drupal

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-5655?
CVE-2012-5655 is considered a moderate severity vulnerability due to improper access controls in the Context module.
How do I fix CVE-2012-5655?
To fix CVE-2012-5655, update the Context module to version 6.x-3.1 or 7.x-3.0-beta6 and later.
Who is affected by CVE-2012-5655?
CVE-2012-5655 affects installations of the Context module prior to the patched versions on Drupal 6.x and 7.x.
What type of vulnerability is CVE-2012-5655?
CVE-2012-5655 is an access control vulnerability that allows unauthorized access to sensitive information.
Can I still use the Context module if I have CVE-2012-5655 installed?
While you can still use the Context module, it is highly recommended to update immediately to mitigate risks associated with CVE-2012-5655.

agent/references
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/remedy
agent/weakness
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/steven jones
canonical/steven jones context
version/steven jones context/6.x-3.0
version/steven jones context/6.x-3.0-alpha1
version/steven jones context/6.x-3.0-alpha2
version/steven jones context/6.x-3.0-beta1
version/steven jones context/6.x-3.0-beta2
version/steven jones context/6.x-3.0-beta3
version/steven jones context/6.x-3.0-beta4
version/steven jones context/6.x-3.0-beta5
version/steven jones context/6.x-3.0-beta6
version/steven jones context/6.x-3.0-beta7
version/steven jones context/6.x-3.0-beta8
version/steven jones context/6.x-3.0-rc1
version/steven jones context/6.x-3.0-rc2
version/steven jones context/6.x-3.x-dev
version/steven jones context/7.x-3.0-alpha1
version/steven jones context/7.x-3.0-alpha2
version/steven jones context/7.x-3.0-alpha3
version/steven jones context/7.x-3.0-beta1
version/steven jones context/7.x-3.0-beta2
version/steven jones context/7.x-3.0-beta3
version/steven jones context/7.x-3.0-beta4
version/steven jones context/7.x-3.0-beta5
version/steven jones context/7.x-3.x-dev
vendor/drupal
canonical/drupal

Frequently Asked Questions

What is the severity of CVE-2012-5655?
CVE-2012-5655 is considered a moderate severity vulnerability due to improper access controls in the Context module.
How do I fix CVE-2012-5655?
To fix CVE-2012-5655, update the Context module to version 6.x-3.1 or 7.x-3.0-beta6 and later.
Who is affected by CVE-2012-5655?
CVE-2012-5655 affects installations of the Context module prior to the patched versions on Drupal 6.x and 7.x.
What type of vulnerability is CVE-2012-5655?
CVE-2012-5655 is an access control vulnerability that allows unauthorized access to sensitive information.
Can I still use the Context module if I have CVE-2012-5655 installed?
While you can still use the Context module, it is highly recommended to update immediately to mitigate risks associated with CVE-2012-5655.

CVE-2012-5655

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-5655?

How do I fix CVE-2012-5655?

Who is affected by CVE-2012-5655?

What type of vulnerability is CVE-2012-5655?

Can I still use the Context module if I have CVE-2012-5655 installed?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2012-5655?

How do I fix CVE-2012-5655?

Who is affected by CVE-2012-5655?

What type of vulnerability is CVE-2012-5655?

Can I still use the Context module if I have CVE-2012-5655 installed?