CVE-2014-5179

Published: Aug 6, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.

Affected (2)

Products: Freelinking For Case Tracker Project: Freelinking For Case Tracker · Freelinking Project: Freelinking

Freelinking For Case Tracker Project

1 product

Freelinking For Case Tracker

Freelinking Project

1 product

Freelinking

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Freelinking For Case Tracker Project Freelinking For Case Tracker	All versions
Freelinking Project Freelinking	All versions

Related CWEs

CWE-264

References (6)

http://www.securityfocus.com/bid/68861

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/94870

Source: cve@mitre.org

https://www.drupal.org/node/2308503

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/68861

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/94870

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.drupal.org/node/2308503

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.