Access Bypass Vulnerability in Drupal 8.7.4 Workspaces Module

Access Bypass Vulnerability in Drupal 8.7.4 Workspaces Module

CVE-2019-6342 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.

Learn more about our Cis Benchmark Audit For Google Workspace.