CVE-2024-45398

Contao is an Open Source CMS. In affected versions a back end user with access to the file manager can upload malicious files and execute them on the server. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to update are advised to configure their web server so it does not execute PHP files and other scripts in the Contao file upload directory.

CVSS v3 8.3 HIGH

8.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://contao.org/en/security-advisories/remote-command-execution-through-file-uploads	Vendor Advisory
https://github.com/contao/contao/security/advisories/GHSA-vm6r-j788-hjh5	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:contao:contao::::::::
	cpe:2.3:a:contao:contao::::::::
	cpe:2.3:a:contao:contao::::::::

History

No history.

Information

Published : 2024-09-17 20:15

Updated : 2024-09-25 19:20

NVD link : CVE-2024-45398

Mitre link : CVE-2024-45398

CVE.ORG link : CVE-2024-45398

JSON object : View

Products Affected

contao

contao

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2024-45398", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.5, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-09-17T20:15:04.670", "references": [{"url": "https://contao.org/en/security-advisories/remote-command-execution-through-file-uploads", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/contao/contao/security/advisories/GHSA-vm6r-j788-hjh5", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Contao is an Open Source CMS. In affected versions a back end user with access to the file manager can upload malicious files and execute them on the server. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to update are advised to configure their web server so it does not execute PHP files and other scripts in the Contao file upload directory."}, {"lang": "es", "value": "Contao es un CMS de c\u00f3digo abierto. En las versiones afectadas, un usuario de back-end con acceso al administrador de archivos puede cargar archivos maliciosos y ejecutarlos en el servidor. Se recomienda a los usuarios que actualicen a Contao 4.13.49, 5.3.15 o 5.4.3. A los usuarios que no puedan actualizar se les recomienda que configuren su servidor web para que no ejecute archivos PHP y otros scripts en el directorio de carga de archivos de Contao."}], "lastModified": "2024-09-25T19:20:52.527", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB4C5DCC-94CE-4732-8B71-0CB60FFF3B31", "versionEndExcluding": "4.13.49", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44942DC5-6564-4F2B-9C2F-EA446C70E05F", "versionEndExcluding": "5.3.15", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB66A97A-A8FA-4D3A-8E93-6692772217AC", "versionEndExcluding": "5.4.3", "versionStartIncluding": "5.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}