The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N
Vendors Products
Bad Behavior Project
  • Bad Behavior

Configuration 1 [-]

OR cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0:rc1:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.0:rc2:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-1.x:dev:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.1:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2:rc14:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.13:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.14:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.113:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.114:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.115:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.116:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.200:rc14:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.216:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.217:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.220:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.221:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.222:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.223:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.225:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.226:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.227:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.228:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2210:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2211:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2212:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2213:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:6.x-2.2215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.220:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.221:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.222:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.223:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.225:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.226:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.227:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.228:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2210:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2211:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2212:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2213:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2214:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2215:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.2216:*:*:*:*:drupal:*:*
cpe:2.3:a:bad_behavior_project:bad_behavior:7.x-2.x:dev:*:*:*:drupal:*:*
References
Link Resource
https://www.drupal.org/node/2360953 Patch Third Party Advisory
https://www.drupal.org/node/2360955 Patch Third Party Advisory
https://www.drupal.org/node/2361611 Patch Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:20:38

Updated: 2022-10-03T16:20:38

Reserved: 2022-10-03T00:00:00

Link: CVE-2014-8735

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2014-11-12T16:55:07.857

Modified: 2019-07-16T12:21:21.717

Link: CVE-2014-8735

JSON object: View

cve-icon Redhat Information

No data.

CWE