Fluid Attacks Database

Description

Drupal saving user accounts can sometimes grant the user all roles The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows remote attackers to gain privileges by leveraging contributed or custom code that calls the user_save function with an explicit category and loads all roles into the array.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
packagist	drupal/core	>=6.0 <6.38 \|\| >=7.0 <7.43	6.38, 7.43
packagist	drupal/drupal	>=7.0 <7.43 \|\| >=6.0 <6.38	7.43, 6.38

Aliases

1. CVE-2016-31692. NVD-2016-31693. OSV-2016-31694. GCVE-2016-3169

References

1. https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3169.yaml2. https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3169.yaml3. https://www.drupal.org/SA-CORE-2016-0014. http://www.debian.org/security/2016/dsa-34985. http://www.openwall.com/lists/oss-security/2016/02/24/196. http://www.openwall.com/lists/oss-security/2016/03/15/10