7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
Low
0.973 High
EPSS
Percentile
99.9%
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
CPE | Name | Operator | Version |
---|---|---|---|
drupal/drupal | lt | 8.5.3 | |
drupal/drupal | lt | 8.4.8 | |
drupal/drupal | lt | 7.59 | |
drupal/core | lt | 8.5.3 | |
drupal/core | lt | 8.4.8 | |
drupal/core | lt | 7.59 |
www.securityfocus.com/bid/103985
www.securitytracker.com/id/1040754
github.com/advisories/GHSA-297x-j9pm-xjgg
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7602.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7602.yaml
lists.debian.org/debian-lts-announce/2018/04/msg00030.html
nvd.nist.gov/vuln/detail/CVE-2018-7602
www.debian.org/security/2018/dsa-4180
www.drupal.org/sa-core-2018-004
www.exploit-db.com/exploits/44542
www.exploit-db.com/exploits/44557
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
Low
0.973 High
EPSS
Percentile
99.9%