CVE-2017-6379

Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID.

We have discovered 134,723 live websites that are affected by CVE-2017-6379.

Test my site



Affected Software

Product  Drupal
Category Content Management System
Vulnerable Domains134,723 live websites (53.63% of Drupal install base)
Vulnerable Versions
  • from 0 before 8.2.7
Vulnerable Versions Count38 versions ( 12.46% of all versions)



Details

  • Published - Mar 16, 2017
  • Updated - Aug 5, 2024

CVE-2017-6379 usage by Country

United States42,235 websites


Germany13,961 websites
Russia11,936 websites
France10,402 websites
GB4,254 websites
Belgium3,942 websites
Netherlands3,693 websites
Italy3,388 websites
Spain2,843 websites
Hungary2,504 websites

CVE-2017-6379 usage by TLD

.com37,065 websites
.org11,566 websites
.ru9,895 websites
.de7,241 websites
.fr4,933 websites
.be4,362 websites
.edu4,036 websites
.net3,308 websites
.it2,937 websites
.nl2,766 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2017-6379

Top websites that are affected by CVE-2017-6379. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
******.org United States***
***.org United States*,***
********.gov United States*,***
******.gov United States*,***
***.**.gov United States*,***
******.edu United States*,***
***.gov United States*,***
****.org United States*,***
***.com United States*,***
*******.com Netherlands*,***
See full domain list

FAQ

A total of 134,723 websites have been identified as vulnerable to CVE-2017-6379, discovered through global website indexing conducted by WebTechSurvey.
Drupal is susceptible to CVE-2017-6379 vulnerability.
Drupal versions before 8.2.7 are vulnerable to CVE-2017-6379.
Version 8.2.7 of Drupal addresses the CVE-2017-6379 security vulnerability.