Severity rating: High
Software affected
· Services module for Drupal 7.x-3.x-dev
· PRLP module for Drupal 8.x-1.x-dev
· Commerce for Drupal 8.x
Overview
Multiple vulnerabilities have been reported in Drupal modules which could be
exploited by a remote attacker to bypass certain security restrictions and
gain unauthorized access on the targeted system.
Description
1. Access bypass vulnerability in Services module
This vulnerability exists in the Services module for Drupal because the
taxonomy term index resource does not properly take into account certain
access control tags that some contrib modules depend on to restrict access.
An attacker could exploit this vulnerability through the taxonomy term index
resource to get around those access controls.
Successful exploitation of this vulnerability could allow a remote attacker
to bypass access restrictions.
2. Access bypass vulnerability in PRLP module
This vulnerability exists in the Password Reset Landing Page (PRLP) module
for Drupal due to insufficient validation of the login URL. An attacker could
exploit this vulnerability by using a specially crafted URL to log in.
Successful exploitation of this vulnerability could allow a remote attacker
to bypass security restrictions.
3. Access bypass vulnerability in Drupal Commerce
This vulnerability exists in Drupal Commerce due to a misconfiguration of
permissions for anonymous checkout. An attacker could exploit this
vulnerability by misusing the "View own orders" permission.
Successful exploitation of this vulnerability could allow an anonymous user
to access anonymous orders.
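One way for a site owner to check for the Commerce misconfiguration above is to audit the exported anonymous role configuration (user.role.anonymous.yml) for the "View own orders" permission. The script below is an added example, not part of this advisory or of the Drupal or Commerce projects; it assumes the permission's machine name is 'view own commerce_order' (an assumption to verify on the site's permissions page) and uses a constructed sample export.

```python
"""Audit an exported Drupal role config for the risky anonymous-order permission."""

# Assumed machine name of the "View own orders" permission (verify on your site).
RISKY_PERMISSIONS = {"view own commerce_order"}

# Constructed sample of a user.role.anonymous.yml export; not from any real site.
SAMPLE_ROLE_YML = """\
langcode: en
status: true
dependencies:
  module:
    - commerce_order
id: anonymous
label: 'Anonymous user'
weight: 0
is_admin: null
permissions:
  - 'access content'
  - 'view own commerce_order'
"""


def parse_role_config(text):
    """Minimal parser for the flat user.role.*.yml shape: id, label, permissions."""
    role = {"id": None, "label": None, "permissions": []}
    in_perms = False
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.startswith("permissions:"):
            in_perms = True
            continue
        if in_perms:
            stripped = line.strip()
            if stripped.startswith("- "):
                role["permissions"].append(stripped[2:].strip().strip("'\""))
                continue
            in_perms = False  # any non-list line ends the permissions block
        if line.startswith("id: "):
            role["id"] = line[4:].strip()
        elif line.startswith("label: "):
            role["label"] = line[7:].strip().strip("'\"")
    return role


def audit_anonymous_role(text):
    """Return the risky permissions granted to the anonymous role (empty list = fine)."""
    role = parse_role_config(text)
    if role["id"] != "anonymous":
        return []
    return sorted(p for p in role["permissions"] if p in RISKY_PERMISSIONS)


if __name__ == "__main__":
    for perm in audit_anonymous_role(SAMPLE_ROLE_YML):
        print(f"WARNING: anonymous role grants '{perm}'; anonymous orders are viewable")
```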
Solution
Apply the appropriate updates as mentioned in the following URLs.
Vendor Information
Drupal
References
Drupal