Risk | High |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | N/A |
CWE-ID | CWE-284 CWE-20 CWE-434 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #4 is available. |
Vulnerable software | Drupal (Web applications / CMS) |
Vendor | Drupal |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU23680
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to missing access restrictions on the install.php script. A remote unauthenticated attacker can access the install.php script and corrupt cached data, rendering the website inaccessible.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Drupal: 8.7.0 - 8.8.0 rc1
External links:
http://www.drupal.org/sa-core-2019-009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU23681
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description:
The vulnerability allows a remote attacker to bypass imposed security restrictions.
The vulnerability exists due to insufficient validation of user-supplied file names during upload in the file_save_upload() function, which does not strip leading and trailing dots ('.') from filenames. A remote attacker able to upload files can therefore upload system files such as .htaccess and bypass imposed security restrictions.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Drupal: 8.7.0 - 8.8.0 rc1
External links:
http://www.drupal.org/sa-core-2019-010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
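The following is an added illustrative example, not Drupal core code and not the fix shipped in SA-CORE-2019-010. It sketches the filename normalisation a defender wants in front of any upload handler: the leading/trailing-dot trimming the advisory says file_save_upload() lacked, a deny-list of web-server control files, and an extension allowlist applied only after trimming so a trailing dot cannot hide the real extension. The function name normalize_upload_filename, the allowlist and the sample inputs are assumptions constructed for this example.

```php
<?php
declare(strict_types=1);

/**
 * Added example (not Drupal code): normalise an uploaded file name before it
 * reaches the file system. Returns the normalised name, or null when the
 * upload must be rejected.
 */
function normalize_upload_filename(string $raw, array $allowed_extensions): ?string
{
    // Drop any directory component, whichever separator the client used.
    $name = basename(str_replace('\\', '/', $raw));

    // Strip leading and trailing dots and whitespace. This is the step whose
    // absence let ".htaccess" through: after trimming it is just "htaccess".
    $name = trim($name, ". \t\r\n");
    if ($name === '') {
        return null;
    }

    // Web-server control files must never land under a served directory,
    // even when the dot has been removed and a harmless-looking name remains.
    $reserved = ['htaccess', 'htpasswd', 'web.config', 'user.ini'];
    if (in_array(strtolower($name), $reserved, true)) {
        return null;
    }

    // Only now inspect the extension: "shell.php." has become "shell.php",
    // so the allowlist sees "php" rather than an empty extension.
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $allowed_extensions, true)) {
        return null;
    }

    return $name;
}

// Constructed sample inputs covering the edge cases the advisory describes.
$allowed = ['jpg', 'png', 'txt'];
$samples = ['.htaccess', 'notes.txt.', '..shell.php.', 'photo.JPG', 'dir/../evil.png'];
foreach ($samples as $s) {
    $result = normalize_upload_filename($s, $allowed);
    printf("%-18s -> %s\n", var_export($s, true), $result === null ? 'REJECTED' : $result);
}
```

Running the script rejects '.htaccess' (trimmed to the reserved name "htaccess") and '..shell.php.' (trimmed to "shell.php", whose extension is not allowlisted), while 'notes.txt.' and 'dir/../evil.png' are normalised to "notes.txt" and "evil.png". The order matters: checking the extension before trimming would see an empty extension for 'notes.txt.' and 'shell.php.' alike.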
EUVDB-ID: #VU23682
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
Description:
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to the use of a vulnerable Archive_Tar library. If Drupal is configured to allow .tar, .tar.gz, .bz2 or .tlz file uploads, a remote attacker can upload and execute arbitrary PHP code on the system.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Drupal: 7.0 - 8.8.0 rc1
External links:
http://www.drupal.org/sa-core-2019-012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU23683
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
Description:
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the Media Library module. A remote attacker can bypass the implemented security restrictions and gain unauthorized access to media items in certain configurations.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Drupal: 8.7.0 - 8.8.0 rc1
External links:
http://www.drupal.org/sa-core-2019-011
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.