Sitefinity < 10.0.6412.0 Multiple Vulnerabilities

critical Web App Scanning Plugin ID 112501

Synopsis

Sitefinity < 10.0.6412.0 Multiple Vulnerabilities

Description

The version of Sitefinity installed on the remote host is prior to 10.0.6412.0. It is, therefore, affected by multiple vulnerabilities in Telerik DialogHandler and RadAsyncUpload :

- A cryptographic weakness exists in Telerik.Web.UI that can be exploited to disclose encryption keys

- An unrestricted file upload vulnerability exists in Telerik.Web.UI due to weak encryption

- An insecure direct object reference vulnerability exists in Telerik.Web.UI due to user input used directly by RadAsyncUpload without validation

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Sitefinity version 10.0.6412.0 or later.

See Also

https://knowledgebase.progress.com/articles/Article/resolving-security-vulnerability-cve-2017-9248

Plugin Details

Severity: Critical

ID: 112501

Type: remote

Published: 10/31/2018

Updated: 1/3/2024

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2014-2217

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2014-2217

Vulnerability Information

CPE: cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/25/2014

Vulnerability Publication Date: 12/25/2014

CISA Known Exploited Vulnerability Due Dates: 5/2/2022, 5/3/2022, 2/16/2023

Reference Information

CVE: CVE-2014-2217, CVE-2017-11317, CVE-2017-11357, CVE-2017-9248

BID: 78021, 103171, 103173, 99965

CWE: 20, 22, 310, 326, 434, 522

OWASP: 2010-A4, 2010-A7, 2013-A4, 2013-A6, 2013-A9, 2017-A3, 2017-A5, 2017-A9, 2021-A1, 2021-A2, 2021-A3, 2021-A4, 2021-A6

WASC: Application Misconfiguration, Improper Input Handling, Insufficient Authorization, Path Traversal

CAPEC: 1, 10, 101, 102, 104, 108, 109, 110, 112, 120, 126, 13, 135, 136, 14, 153, 182, 192, 20, 209, 22, 23, 230, 231, 24, 250, 261, 267, 28, 3, 31, 42, 43, 45, 46, 47, 473, 474, 485, 50, 509, 52, 53, 551, 555, 560, 561, 588, 600, 63, 64, 644, 645, 652, 653, 67, 7, 71, 72, 73, 76, 78, 79, 8, 80, 81, 83, 85, 88, 9

DISA STIG: APSC-DV-002440, APSC-DV-002560, APSC-DV-002630

HIPAA: 164.306(a)(1), 164.306(a)(2)

ISO: 27001-A.10.1.2, 27001-A.12.6.1, 27001-A.14.2.5, 27001-A.9.2.1, 27001-A.9.2.4, 27001-A.9.3.1, 27001-A.9.4.3

NIST: sp800_53-CM-6b, sp800_53-IA-5, sp800_53-SC-12, sp800_53-SC-6, sp800_53-SI-10

OWASP API: 2019-API7, 2023-API8

OWASP ASVS: 4.0.2-12.3.1, 4.0.2-12.5.2, 4.0.2-14.2.1, 4.0.2-5.1.3, 4.0.2-6.2.1, 4.0.2-9.1.2

PCI-DSS: 3.2-6.2, 3.2-6.5, 3.2-6.5.1, 3.2-6.5.10, 3.2-6.5.3, 3.2-6.5.4, 3.2-6.5.8