Lucene search

MitreCVE-2017-5965

HistoryMay 23, 2017 - 5:29 a.m.

CVE-2017-5965

2017-05-2305:29:00

mitre

web.nvd.nist.gov

cve-2017-5965

sitecore crm

package manager

remote code execution

authenticated administrators

security vulnerability

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.003

Percentile

65.5%

JSON

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a …\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload this archive and extract its contents, and visiting a URI under sitecore/ to execute the .asp file.

Affected configurations

Nvd

Node

sitecorecrmMatch8.1

VendorProductVersionCPE
sitecorecrm8.1cpe:2.3:a:sitecore:crm:8.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sitecore	crm	8.1	cpe:2.3:a:sitecore:crm:8.1:::::::*

References

research.aurainfosec.io/disclosures/2017-05-18-sitecore/

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.003

Percentile

65.5%

JSON

Related for CVE-2017-5965