CVE-2018-7600

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CVSS v3.0 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.drupal.org/sa-core-2018-002	Vendor Advisory
https://groups.drupal.org/security/faq-2018-002	Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html	Third Party Advisory
http://www.securitytracker.com/id/1040598	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/103534	Third Party Advisory VDB Entry
https://www.synology.com/support/security/Synology_SA_18_17	Third Party Advisory
https://www.debian.org/security/2018/dsa-4156	Third Party Advisory
https://twitter.com/RicterZ/status/979567469726613504	Third Party Advisory
https://github.com/a2u/CVE-2018-7600	Third Party Advisory
https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know	Third Party Advisory
https://greysec.net/showthread.php?tid=2912&pid=10561	Issue Tracking Third Party Advisory
https://github.com/g0rx/CVE-2018-7600-Drupal-RCE	Patch Third Party Advisory
https://twitter.com/arancaytar/status/979090719003627521	Third Party Advisory
https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714	Third Party Advisory
https://twitter.com/RicterZ/status/984495201354854401	Third Party Advisory
https://research.checkpoint.com/uncovering-drupalgeddon-2/	Exploit Third Party Advisory
https://www.exploit-db.com/exploits/44449/	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/44448/	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/44482/	Exploit Third Party Advisory VDB Entry
https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*

Information

Published : 2018-03-29 00:29

Updated : 2019-03-01 10:04

NVD link : CVE-2018-7600

Mitre link : CVE-2018-7600

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

debian

debian_linux

drupal

drupal

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.drupal.org/sa-core-2018-002", "name": "https://www.drupal.org/sa-core-2018-002", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://groups.drupal.org/security/faq-2018-002", "name": "https://groups.drupal.org/security/faq-2018-002", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html", "name": "[debian-lts-announce] 20180328 [SECURITY] [DLA 1325-1] drupal7 security update", "tags": ["Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://www.securitytracker.com/id/1040598", "name": "1040598", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/103534", "name": "103534", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://www.synology.com/support/security/Synology_SA_18_17", "name": "https://www.synology.com/support/security/Synology_SA_18_17", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://www.debian.org/security/2018/dsa-4156", "name": "DSA-4156", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "https://twitter.com/RicterZ/status/979567469726613504", "name": "https://twitter.com/RicterZ/status/979567469726613504", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/a2u/CVE-2018-7600", "name": "https://github.com/a2u/CVE-2018-7600", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know", "name": "https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://greysec.net/showthread.php?tid=2912&pid=10561", "name": "https://greysec.net/showthread.php?tid=2912&pid=10561", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/g0rx/CVE-2018-7600-Drupal-RCE", "name": "https://github.com/g0rx/CVE-2018-7600-Drupal-RCE", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://twitter.com/arancaytar/status/979090719003627521", "name": "https://twitter.com/arancaytar/status/979090719003627521", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714", "name": "https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://twitter.com/RicterZ/status/984495201354854401", "name": "https://twitter.com/RicterZ/status/984495201354854401", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://research.checkpoint.com/uncovering-drupalgeddon-2/", "name": "https://research.checkpoint.com/uncovering-drupalgeddon-2/", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.exploit-db.com/exploits/44449/", "name": "44449", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "refsource": "EXPLOIT-DB"}, {"url": "https://www.exploit-db.com/exploits/44448/", "name": "44448", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "refsource": "EXPLOIT-DB"}, {"url": "https://www.exploit-db.com/exploits/44482/", "name": "44482", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "refsource": "EXPLOIT-DB"}, {"url": "https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/", "name": "https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/", "tags": ["Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-7600", "ASSIGNER": "security@drupal.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "acInsufInfo": false, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2018-03-29T07:29Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.57"}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "8.3.9", "versionStartIncluding": "8.0.0"}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "8.4.6", "versionStartIncluding": "8.4.0"}, {"cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "8.5.1", "versionStartIncluding": "8.5.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-03-01T18:04Z"}

9.8 /10