Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Drupal | Access code | unaffected |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-10980 | Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code allows Brute Force.This issue affects Access code: from 0.0.0 before 2.0.4. |
| Link | Providers |
|---|---|
| https://www.drupal.org/sa-contrib-2025-028 |
|
Tue, 02 Sep 2025 19:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Access Code Project
Access Code Project access Code |
|
| CPEs | cpe:2.3:a:access_code_project:access_code:*:*:*:*:*:drupal:*:* | |
| Vendors & Products |
Access Code Project
Access Code Project access Code |
Wed, 16 Apr 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 15 Apr 2025 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 02 Apr 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code allows Brute Force.This issue affects Access code: from 0.0.0 before 2.0.4. | |
| Title | Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-028 | |
| Weaknesses | CWE-307 | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: drupal
Published:
Updated: 2025-04-15T14:11:12.235Z
Reserved: 2025-04-02T16:30:40.988Z
Link: CVE-2025-3129
Vulnrichment
Updated: 2025-04-15T14:11:01.567Z
NVD
Status : Analyzed
Published: 2025-04-02T22:15:21.593
Modified: 2025-09-02T18:32:19.987
Link: CVE-2025-3129
Redhat
No data.
OpenCVE Enrichment
No data.