CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9023

The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.0%

CVSS Severity

CVSS v2 Score 5.5

References

Products affected by CVE-2014-9023

Twilio Project » Twilio » Version: 7.x-1.1

cpe:2.3:a:twilio_project:twilio:7.x-1.1
Twilio Project » Twilio » Version: 7.x-1.2

cpe:2.3:a:twilio_project:twilio:7.x-1.2
Twilio Project » Twilio » Version: 7.x-1.4

cpe:2.3:a:twilio_project:twilio:7.x-1.4
Twilio Project » Twilio » Version: 7.x-1.5

cpe:2.3:a:twilio_project:twilio:7.x-1.5
Twilio Project » Twilio » Version: 7.x-1.6

cpe:2.3:a:twilio_project:twilio:7.x-1.6
Twilio Project » Twilio » Version: 7.x-1.8

cpe:2.3:a:twilio_project:twilio:7.x-1.8
Twilio Project » Twilio » Version: 7.x-1.9

cpe:2.3:a:twilio_project:twilio:7.x-1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9023

Products

Pricing

Contact Us