CVE-2019-6340

Severity: high

Description

Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)

References

http://www.securityfocus.com/bid/107106

https://www.drupal.org/sa-core-2019-003

https://www.exploit-db.com/exploits/46452/

https://www.exploit-db.com/exploits/46459/

https://www.exploit-db.com/exploits/46510/

https://www.synology.com/security/advisory/Synology_SA_19_09

Details

Source: MITRE

Published: 2019-02-21

Updated: 2020-08-24

Type: CWE-502

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.2

Severity: HIGH

Tenable Plugins (7 total)

ID     | Name                                                                                                             | Product                  | Family                        | Severity
-------|------------------------------------------------------------------------------------------------------------------|--------------------------|-------------------------------|---------
122449 | Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003) (exploit)                                          | Nessus                   | CGI abuses                    | high
122372 | FreeBSD : drupal -- Drupal core - Highly critical - Remote Code Execution (002b4b05-35dd-11e9-94a8-000ffec0b3e1) | Nessus                   | FreeBSD Local Security Checks | high
98589  | Drupal 8.6.x < 8.6.10 Remote Code Execution Vulnerability                                                        | Web Application Scanning | Component Vulnerability       | high
98588  | Drupal 8.5.x < 8.5.11 Remote Code Execution Vulnerability                                                        | Web Application Scanning | Component Vulnerability       | high
700420 | Drupal 8.6.x < 8.6.10 RCE (SA-CORE-2019-003)                                                                     | Nessus Network Monitor   | CGI                           | critical
700419 | Drupal 8.5.x < 8.5.11 RCE (SA-CORE-2019-003)                                                                     | Nessus Network Monitor   | CGI                           | critical
122349 | Drupal 8.5.x < 8.5.11 / 8.6.x < 8.6.10 Remote Code Execution (SA-CORE-2019-003)                                  | Nessus                   | CGI abuses                    | high