ByteOS Network

NVD Vulnerability Details :

CVE-2015-5490

Deferred

Source-cve@mitre.org

Published At-18 Aug, 2015 | 17:59

Updated At-12 Apr, 2025 | 10:46

The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://cgit.drupalcode.org/views/commit/?id=cef693b	cve@mitre.org	N/A
http://www.openwall.com/lists/oss-security/2015/07/04/4	cve@mitre.org	N/A
http://www.securityfocus.com/bid/74462	cve@mitre.org	N/A
https://www.drupal.org/node/2475669	cve@mitre.org	Exploit
https://www.drupal.org/node/2480259	cve@mitre.org	Patch
https://www.drupal.org/node/2480327	cve@mitre.org	Patch Vendor Advisory
http://cgit.drupalcode.org/views/commit/?id=cef693b	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2015/07/04/4	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/74462	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.drupal.org/node/2475669	af854a3a-2127-422b-91ae-364da2661108	Exploit
https://www.drupal.org/node/2480259	af854a3a-2127-422b-91ae-364da2661108	Patch
https://www.drupal.org/node/2480327	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History