Unrated severityNVD Advisory· Published Aug 18, 2015· Updated Jun 17, 2026
CVE-2015-5502
CVE-2015-5502
Description
The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not properly restrict access to Storage API fields attached to entities that are not nodes, which allows remote attackers to have unspecified impact via unknown vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:storage_api_project:storage_api:7.x-1.0:*:*:*:*:drupal:*:*+ 7 more
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.0:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.3:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.4:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.5:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.6:*:*:*:*:drupal:*:*
- cpe:2.3:a:storage_api_project:storage_api:7.x-1.7:*:*:*:*:drupal:*:*
- Range: <7.x-1.8
Patches
Vulnerability mechanics
References
4- www.drupal.org/node/2495895nvdPatch
- www.drupal.org/node/2495903nvdPatchVendor Advisory
- www.openwall.com/lists/oss-security/2015/07/04/4nvd
- www.securityfocus.com/bid/74867nvd
News mentions
0No linked articles in our index yet.