Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2016-7572

The system.temporary route in Drupal 8.x before 8.1.10 does not properly check for "Export configuration" permission, which allows remote authenticated users to bypass intended access restrictions and read a full config export via unspecified vectors.

  • Published: Oct 3, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-7572
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
drupal / drupal 8.0.0-alpha9 8.0.0-alpha9.x
drupal / drupal 8.0.0-beta12 8.0.0-beta12.x
drupal / drupal 8.0.0-beta15 8.0.0-beta15.x
drupal / drupal 8.1.0-rc1 8.1.0-rc1.x
drupal / drupal 8.0.0-beta3 8.0.0-beta3.x
drupal / drupal 8.0.0-alpha11 8.0.0-alpha11.x
drupal / drupal 8.0.0-rc1 8.0.0-rc1.x
drupal / drupal 8.0.0-beta16 8.0.0-beta16.x
drupal / drupal 8.0.0-alpha4 8.0.0-alpha4.x
drupal / drupal 8.1.2 8.1.2.x
drupal / drupal 8.1.6 8.1.6.x
drupal / drupal 8.0.0-alpha3 8.0.0-alpha3.x
drupal / drupal 8.0.0-alpha2 8.0.0-alpha2.x
drupal / drupal 8.0.0-beta4 8.0.0-beta4.x
drupal / drupal 8.0.0-alpha6 8.0.0-alpha6.x
drupal / drupal 8.1.8 8.1.8.x
drupal / drupal 8.0.0-beta11 8.0.0-beta11.x
drupal / drupal 8.1.9 8.1.9.x
drupal / drupal 8.1.5 8.1.5.x
drupal / drupal 8.0.4 8.0.4.x
drupal / drupal 8.0.0-rc4 8.0.0-rc4.x
drupal / drupal 8.0.5 8.0.5.x
drupal / drupal 8.0.0-beta6 8.0.0-beta6.x
drupal / drupal 8.0.0-alpha15 8.0.0-alpha15.x
drupal / drupal 8.1.0-beta1 8.1.0-beta1.x
drupal / drupal 8.0.0-beta7 8.0.0-beta7.x
drupal / drupal 8.0.0-alpha12 8.0.0-alpha12.x
drupal / drupal 8.1.3 8.1.3.x
drupal / drupal 8.0.2 8.0.2.x
drupal / drupal 8.0.3 8.0.3.x
drupal / drupal 8.0.0-beta2 8.0.0-beta2.x
drupal / drupal 8.0.0-alpha14 8.0.0-alpha14.x
drupal / drupal 8.0.0-beta13 8.0.0-beta13.x
drupal / drupal 8.0.0-alpha7 8.0.0-alpha7.x
drupal / drupal 8.1.0-beta2 8.1.0-beta2.x
drupal / drupal 8.0.0-beta10 8.0.0-beta10.x
drupal / drupal 8.1.0 8.1.0.x
drupal / drupal 8.0.0-alpha13 8.0.0-alpha13.x
drupal / drupal 8.0.0-alpha10 8.0.0-alpha10.x
drupal / drupal 8.0.0-beta1 8.0.0-beta1.x
drupal / drupal 8.1.7 8.1.7.x
drupal / drupal 8.0.0-alpha8 8.0.0-alpha8.x
drupal / drupal 8.0.0-rc2 8.0.0-rc2.x
drupal / drupal 8.0.1 8.0.1.x
drupal / drupal 8.1.1 8.1.1.x
drupal / drupal 8.1.4 8.1.4.x
drupal / drupal 8.0.6 8.0.6.x
drupal / drupal 8.0.0-rc3 8.0.0-rc3.x
drupal / drupal 8.0.0-alpha5 8.0.0-alpha5.x
drupal / drupal 8.0.0-beta9 8.0.0-beta9.x
drupal / drupal 8.0.0-beta14 8.0.0-beta14.x
drupal / drupal 8.0.0 8.0.0.x