Skip to main content

Drupal Multiple Vulnerabilities

Last Update Date: 19 Dec 2019 10:21 Release Date: 19 Dec 2019 6226 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

Multiple vulnerabilities have been identified in Drupal. A remote user can exploit these vulnerabilities to trigger denial of service, security restriction bypass, sensitive information disclosure and tampering on the targeted system.


Impact

  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Versions prior to Drupal 7.69
  • Versions prior to Drupal 8.7.11
  • Versions prior to Drupal 8.8.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Update to Drupal 7.69
  • Update to Drupal 8.7.11
  • Update to Drupal 8.8.1

Vulnerability Identifier

  • No CVE information is available

Source


Related Link