Drupal 8.4.x < 8.4.6 RCE

critical Nessus Network Monitor Plugin ID 700229

Synopsis

The remote server is hosting an outdated installation of Drupal that is vulnerable to a critical remote code execution attack vector.

Description

The version of Drupal installed on the remote server is 8.4.x prior to 8.4.6, and is affected by a flaw in the 'preHandle()' function in 'core/lib/Drupal/Core/DrupalKernel.php' that is triggered as certain parameter keys within HTTP requests are not properly sanitized. This may allow a remote attacker to execute arbitrary code. This issue may be exploited using multiple unspecified attack vectors.

Solution

Upgrade to Drupal 8.4.6 or later.

See Also

https://www.drupal.org/sa-core-2018-002

Plugin Details

Severity: Critical

ID: 700229

Family: CGI

Published: 3/29/2018

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:drupal:drupal

Patch Publication Date: 3/28/2018

Vulnerability Publication Date: 3/27/2018

Reference Information

CVE: CVE-2018-7600

BID: 103534