Vulnerability identifier: #VU57098
Vulnerability risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-285
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
October CMS
Web applications /
CMS
Vendor: OctoberCMS
Description
The vulnerability allows a remote user to compromise the affected application.
The vulnerability exists due to improper authorization. An attacker who previously had an administrative account with access to the admin interface is able to sign in to the backend using October CMS v2.0 even after the account has been deleted.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
October CMS: 2.1.11
External links
http://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.