Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Drupal AutoAssign Role Module < 6.x-1.2 Authentication Bypass

Medium

Synopsis

The remote host is vulnerable to a flaw which allows for the bypassing of Authentication

Description

The remote host is running an older version of the Drupal AutoAssign Role module.

There is a flaw in this version of AutoAssign which would allow a valid user to access controls and data which belong to another user.

Solution

Upgrade to Drupal AutoAssign Role 6.x-1.2.