English
EN
Français
FR
Language
English
EN
Français
FR

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

DNA View

CVE-2017-6919

Low
Low Medium High Critical
CVSS Score
Published: Apr 20, 2017
Last Modified: Apr 20, 2025
CWE: NVD-CWE-noinfo

Vulnerability Description

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

Known Affected Software

27 configuration(s) from 1 vendor(s)

drupal
Version:
8.2.2
CPE:
cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
drupal
Version:
8.1.10
CPE:
cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
drupal
Version:
8.0.0
CPE:
cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
drupal
Version:
8.1.4
CPE:
cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
drupal
Version:
8.1.2
CPE:
cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
drupal
Version:
8.0.3
CPE:
cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
drupal
Version:
8.0.2
CPE:
cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
drupal
Version:
8.0.1
CPE:
cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
drupal
Version:
8.2.5
CPE:
cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
drupal
Version:
8.1.3
CPE:
cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
drupal
Version:
8.2.0
CPE:
cpe:2.3:a:drupal:drupal:8.2.0:-:*:*:*:*:*:*
drupal
Version:
8.1.7
CPE:
cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
drupal
Version:
8.2.1
CPE:
cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
drupal
Version:
8.1.5
CPE:
cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
drupal
Version:
8.0.4
CPE:
cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
drupal
Version:
8.1.0
CPE:
cpe:2.3:a:drupal:drupal:8.1.0:-:*:*:*:*:*:*
drupal
Version:
8.1.8
CPE:
cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
drupal
Version:
8.0.5
CPE:
cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
drupal
Version:
8.0.6
CPE:
cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
drupal
Version:
8.2.7
CPE:
cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
drupal
Version:
8.1.9
CPE:
cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
drupal
Version:
8.2.3
CPE:
cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
drupal
Version:
8.2.4
CPE:
cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
drupal
Version:
8.2.6
CPE:
cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
drupal
Version:
8.3.0
CPE:
cpe:2.3:a:drupal:drupal:8.3.0:-:*:*:*:*:*:*
drupal
Version:
8.1.1
CPE:
cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
drupal
Version:
8.1.6
CPE:
cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
This vulnerability affects 27 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

out of 10.0
Low

Weakness Type (CWE)

NVD-CWE-noinfo
View CWE Details on MITRE

Key Information

Published Date
April 20, 2017

External Resources

NIST
NIST NVD
National Vulnerability Database
MT
MITRE CVE
Official CVE record