VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 26, 2012· Updated Apr 29, 2026

CVE-2012-5586

CVE-2012-5586

Description

The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."

Affected products

27
  • Marc Ingram/Services27 versions
    cpe:2.3:a:marc_ingram:services:6.x-3.0:*:*:*:*:*:*:*+ 26 more
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable1:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable2:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.0:unstable3:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:6.x-3.x:dev:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:rc5:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.0:rc6:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:marc_ingram:services:7.x-3.x:dev:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.