Drupal Core system.temporary Information Disclosure Vulnerability (CVE-2016-7572)

  Severity: MEDIUM

  DESCRIPTION

Drupal Core is prone to a information disclosure vulnerability. The vulnerability is due to insufficient access control on the ability to download a full configuration export. A remote, authenticated user can exploit this vulnerability by sending a crafted request to the target. Successful exploitation could lead to disclosure of sensitive information.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1008096