{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T21:54:37.515","vulnerabilities":[{"cve":{"id":"CVE-2017-6919","sourceIdentifier":"mlhess@drupal.org","published":"2017-04-20T02:59:00.143","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests."},{"lang":"es","value":"Drupal 8 en versiones anteriores a 8.2.8 y 8.3 en versiones anteriores a 8.3.1 permite elusión de acceso crítica por usuarios autenticados si el módulo RESTful Web Services (resto) está habilitado y el sitio permite solicitudes PATCH."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*","matchCriteriaId":"3C20DAD7-13A7-40F7-B6E0-965DB4E14508"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*","matchCriteriaId":"144694E6-3287-4F4D-A687-7F495133DBA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*","matchCriteriaId":"581D686B-1061-4271-BEF4-17A429BD666A"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*","matchCriteriaId":"E3E45AA6-5FAF-4C63-91F5-0765CE60191A"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*","matchCriteriaId":"FE5D81CF-AE7B-4A9C-AD8F-9A19D2AC35DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*","matchCriteriaId":"A27535A5-7C4F-4548-A4B8-5FFBD58361D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*","matchCriteriaId":"17BC6508-3518-4BB5-B29F-4E6CB6DE9D44"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*","matchCriteriaId":"8CBB5620-5847-443F-8356-B66EE93A3779"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*","matchCriteriaId":"3E81260D-E0D2-4FD2-AAED-99945404EB00"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*","matchCriteriaId":"5A7D34E6-76E0-4BCB-A4C8-9401C7331EF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*","matchCriteriaId":"201E2EA9-B811-4BB2-867A-6F12DC472911"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*","matchCriteriaId":"C957B189-10C2-4D42-B5B9-03F7DE287C8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*","matchCriteriaId":"A7E21838-CDEC-41B2-AE40-C78DE8984B6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*","matchCriteriaId":"639F0284-85D1-40B0-B337-77632E7A664B"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*","matchCriteriaId":"5F4B611A-3628-41EA-878D-BF9D6C34AA83"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*","matchCriteriaId":"856E46E5-1BF3-42F4-AFCB-81275B1EF265"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*","matchCriteriaId":"B351F769-598F-4E3E-99EA-94A5516995A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*","matchCriteriaId":"220900E6-5859-4CA9-831E-3FF3C128F060"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*","matchCriteriaId":"0D55D51E-DE2D-469C-9F9C-F312A02EE921"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*","matchCriteriaId":"259B5FE7-2808-4F61-B98C-73ECC7F9503C"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*","matchCriteriaId":"BA263BE6-2088-4E18-914B-96CFAA0093E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*","matchCriteriaId":"906AED87-8C5C-4214-B5AD-43E5573E357A"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*","matchCriteriaId":"E150FDA8-5271-465C-8DE0-F44E9FC81E90"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*","matchCriteriaId":"4E036D4F-BD94-4F77-883C-165B3F0802C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*","matchCriteriaId":"7A7068F8-810D-4720-9E0E-06DB1DD366ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*","matchCriteriaId":"443183F6-9EF5-41AE-8AD0-B304BBF1670A"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*","matchCriteriaId":"58C5EF43-E24F-4BDB-9496-16DE4EEF3E67"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*","matchCriteriaId":"B00B494B-736A-47A7-ACF3-81368C033086"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*","matchCriteriaId":"E275F22B-7A46-4107-BE6F-6C4D7EAA46FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*","matchCriteriaId":"63530139-7EF2-4210-9870-B06175ECBC58"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*","matchCriteriaId":"ED085089-51D6-4E5C-96E8-CC5C7C55CC97"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*","matchCriteriaId":"36FC67CE-9C45-4842-81AF-EEAE557D70D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*","matchCriteriaId":"5FE6AC83-B248-4491-A320-836C65E64D6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*","matchCriteriaId":"99D7F3C7-3EC6-48D2-A8D5-1F987FD74A20"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*","matchCriteriaId":"434D4D80-44C0-4278-A09B-005A599F4658"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*","matchCriteriaId":"2CF1BC91-4A24-40FC-8EEC-E4FAD624C2CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*","matchCriteriaId":"43067661-B562-41BC-B272-8A79075291B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*","matchCriteriaId":"EA9EF375-AE7C-4900-A992-C635228889E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*","matchCriteriaId":"53FA0C7F-000A-4CB4-86E3-DEC0C9DCA1BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*","matchCriteriaId":"E39B2B71-C1B8-4A16-88FE-D691CC3C9BE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*","matchCriteriaId":"535BC461-E9B1-4124-8125-1D9F91CF4F68"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*","matchCriteriaId":"06F63C7F-CE02-428D-90CD-05B726C0026D"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F18278D5-A30B-4624-AC64-CA39F92EB8C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*","matchCriteriaId":"B3F72CAF-2BCA-454D-B8AC-951EC566A965"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*","matchCriteriaId":"E0C7CB5D-CE55-4628-957D-3D2C5EE2353B"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*","matchCriteriaId":"C9E1FBB4-D63F-4AA0-ADE3-70527F4D84A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*","matchCriteriaId":"9D2D1BF3-879B-44C5-B3A0-2E91B27BFF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*","matchCriteriaId":"D2BB7835-2BFD-4182-B112-7E8A9FF2449C"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*","matchCriteriaId":"80CE2090-A5AF-47B8-BB7D-727FFF093413"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*","matchCriteriaId":"8B28527E-92CB-4171-8EE3-9187C3F44EC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*","matchCriteriaId":"3CB85396-4D94-4752-A134-A1644C707777"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*","matchCriteriaId":"F6802D01-6220-4EBE-B267-10DC14E6D186"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*","matchCriteriaId":"EAD4EC47-7DD8-443B-8821-DFAE03FE2FD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*","matchCriteriaId":"DA084D8B-FEFC-41D5-A384-1DCB297CC1A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*","matchCriteriaId":"5F5756FE-158A-4194-9E5E-EA918C4A3D1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*","matchCriteriaId":"F344F3CE-C45E-4C3A-9F48-DAA0F2A49137"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*","matchCriteriaId":"45C7BA91-93C2-4615-8A4D-11702FF5A155"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*","matchCriteriaId":"615DED7F-691F-4EF8-BE82-6E51B4971BFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*","matchCriteriaId":"467F335F-6FA1-413F-995F-29136658D969"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*","matchCriteriaId":"BABC38A1-0034-4CDE-B580-8026D6E0FE39"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*","matchCriteriaId":"EFA63C78-B234-4EBA-99A2-070213D1DA19"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*","matchCriteriaId":"997EF82A-B6C0-403A-BA58-E174FF2D981F"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*","matchCriteriaId":"FAE56E4F-47D3-41F4-951E-3E4BBE74B6D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*","matchCriteriaId":"8601673A-8FF8-4430-BB24-038443E1CED8"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*","matchCriteriaId":"AFD82372-D143-4AE7-8FE0-40FFD8F3E153"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*","matchCriteriaId":"BCA00E55-32EB-41D7-B6FB-756738E4F9F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*","matchCriteriaId":"FEE90095-47A7-425E-8D9E-20D974647813"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"75FFBFC9-8D65-40E5-B6D5-53A945247518"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*","matchCriteriaId":"4E1A0582-A538-4FB7-A358-52C79266B383"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*","matchCriteriaId":"5B740914-9270-4FF5-93F6-99A51FF9C012"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*","matchCriteriaId":"8D1FDCC9-ABC7-442D-8D84-82BEFD4D380D"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/97941","source":"mlhess@drupal.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038371","source":"mlhess@drupal.org"},{"url":"https://www.drupal.org/SA-CORE-2017-002","source":"mlhess@drupal.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97941","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038371","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.drupal.org/SA-CORE-2017-002","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}