Format string error in Plone

#VU39404 Format string error in Plone

Published: 2017-03-23 | Updated: 2020-08-08

Vulnerability identifier: #VU39404

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5524

CWE-ID: CWE-134

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Plone
Web applications / CMS

Vendor: Plone

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Plone: 4.0 - 5.1

External links
http://www.openwall.com/lists/oss-security/2017/01/18/6
http://www.securityfocus.com/bid/95679
http://plone.org/security/hotfix/20170117/sandbox-escape

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Plone