Unrated severityNVD Advisory· Published Dec 26, 2012· Updated Jun 16, 2026
CVE-2012-5586
CVE-2012-5586
Description
The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
28cpe:2.3:a:marc_ingram:services:6.x-3.0:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:marc_ingram:services:6.x-3.0:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable1:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable2:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable3:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.1:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.2:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:6.x-3.x:dev:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.0:rc6:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.1:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.2:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.3:*:*:*:*:*:*:*
- cpe:2.3:a:marc_ingram:services:7.x-3.x:dev:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- drupal.org/node/1842022nvdPatch
- drupal.org/node/1842026nvdPatch
- drupal.org/node/1853200nvdPatchVendor Advisory
- www.openwall.com/lists/oss-security/2012/11/29/2nvd
- www.securityfocus.com/bid/56723nvd
News mentions
0No linked articles in our index yet.