CVE-2020-5297 — LOW (3.4) — White Hats Nepal

Q: How severe is CVE-2020-5297?

CVE-2020-5297 has been rated LOW with a CVSS base score of 3.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-5297?

Check the references section above for vendor advisories and patch information. Affected products include: Octobercms October.

Vulnerability Description

In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).

CVSS Score

3.4

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Octobercms	October	>= 1.0.319, < 1.0.466

Related Weaknesses (CWE)

CWE-73 CWE-610

References

http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2020/Aug/2ExploitMailing ListThird Party Advisory
https://github.com/octobercms/october/commit/6711dae8ef70caf0e94cec434498012a2ccPatchThird Party Advisory
https://github.com/octobercms/october/security/advisories/GHSA-9722-rr68-rfpgPatchThird Party Advisory
http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2020/Aug/2ExploitMailing ListThird Party Advisory
https://github.com/octobercms/october/commit/6711dae8ef70caf0e94cec434498012a2ccPatchThird Party Advisory
https://github.com/octobercms/october/security/advisories/GHSA-9722-rr68-rfpgPatchThird Party Advisory

FAQ

What is CVE-2020-5297?

CVE-2020-5297 is a vulnerability with a CVSS score of 3.4 (LOW). In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff...

How severe is CVE-2020-5297?

CVE-2020-5297 has been rated LOW with a CVSS base score of 3.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-5297?

Check the references section above for vendor advisories and patch information. Affected products include: Octobercms October.