Drupal 7.x < 7.52 Multiple Vulnerabilites

medium Nessus Network Monitor Plugin ID 9820

Synopsis

The remote server is hosting an outdated installation of Drupal that is vulnerable to multiple attack vectors.

Description

The version of Drupal installed on the remote server is 7.x prior to 7.52, and is affected by multiple vulnerabilities :

- A flaw exists in the taxonomy module that is triggered by its use of access query tags inconsistent with the standard system used by Drupal Core. This may potentially result in a remote attacker being able to gain access to sensitive information regarding taxonomy terms. (CVE-2016-9449)
- A flaw exists that allows a cross-site redirection attack. This flaw exists because the confirmation form does not validate certain unspecified input before returning it to the user. This could allow a context-dependent attacker to create a specially crafted link that, if followed, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Such attacks are useful as the crafted URL initially appears to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client-side software such as a web browser or document rendering programs, as well as phishing attacks that mimic the legitimate site but send user-supplied information to the attacker. (CVE-2016-9451)

Solution

Upgrade to Drupal 7.52 or later.

See Also

https://www.drupal.org/SA-CORE-2016-005

https://www.scmagazine.com/drupal-corrects-four-flaws-in-core-cms-offering/article/573640

Plugin Details

Severity: Medium

ID: 9820

Family: CGI

Published: 12/2/2016

Updated: 3/6/2019

Nessus ID: 95026

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 4.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:drupal:drupal

Patch Publication Date: 11/16/2016

Vulnerability Publication Date: 11/16/2016

Reference Information

CVE: CVE-2016-9449, CVE-2016-9451

BID: 94367