SB2019091501 - Multiple vulnerabilities in Pimcore

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019091501

SB2019091501 - Multiple vulnerabilities in Pimcore

Published: September 15, 2019

Security Bulletin ID SB2019091501
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2019-16318)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of long files names. A remote authenticated attacker can supply a .php file with name that contains 256 characters, bypass the implemented security mechanisms that was supposed to change the uploaded file extension into .php.txt file, and execute arbitrary PHP code on the system.


2) Path traversal (CVE-ID: CVE-2019-16317)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the file names. A remote authenticated attacker can create a specially crafted .phar file and execute arbitrary code on the system via a phar:// URL in a filename parameter that contains directory traversal characters 


Remediation

Install update from vendor's website.

References