CVE-2019-6342
Drupal core - Critical - Access bypass - SA-CORE-2019-008An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.
We have discovered 137,513 live websites that are affected by CVE-2019-6342.
Affected Software
| Product |  Drupal |
| Category | Content Management System |
| Vulnerable Domains | 137,513 live websites (54.74% of Drupal install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 96 versions ( 31.48% of all versions) |
Details
- Published - May 29, 2020
- Updated - Aug 4, 2024
CVE References
CVE-2019-6342 usage by Country
 United States | 42,849 websites |
 Germany | 14,199 websites |
 Russia | 12,118 websites |
 France | 10,614 websites |
 GB | 4,308 websites |
 Belgium | 4,063 websites |
 Netherlands | 3,745 websites |
 Italy | 3,470 websites |
 Spain | 2,936 websites |
 Canada | 2,677 websites |
CVE-2019-6342 usage by TLD
| .com | 37,873 websites |
| .org | 11,761 websites |
| .ru | 10,043 websites |
| .de | 7,359 websites |
| .fr | 5,019 websites |
| .be | 4,479 websites |
| .edu | 4,044 websites |
| .net | 3,350 websites |
| .it | 3,003 websites |
| .nl | 2,806 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2019-6342
Top websites that are affected by CVE-2019-6342. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.org | United States | *** | |
| ***.org | United States | *,*** | |
| ********.gov | United States | *,*** | |
| ******.gov | United States | *,*** | |
| ***.**.gov | United States | *,*** | |
| ******.edu | United States | *,*** | |
| ***.gov | United States | *,*** | |
| ****.org | United States | *,*** | |
| ***.com | United States | *,*** | |
| *******.com | Netherlands | *,*** |
FAQ
A total of 137,513 websites have been identified as vulnerable to CVE-2019-6342, discovered through global website indexing conducted by WebTechSurvey.
Drupal is susceptible to CVE-2019-6342 vulnerability.
Drupal versions before 8.7.4 are vulnerable to CVE-2019-6342.
Version 8.7.4 of Drupal addresses the CVE-2019-6342 security vulnerability.