CVE-2018-12596

Published Oct 10, 2018

Last updated 4 days ago

CVSS critical 9.8

Overview

Description: Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins).
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-269

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.00:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E235E196-459E-476B-AC9D-04A87EF67E81"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.00:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47FEC04A-796F-4506-8235-D48795791DDB"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.00:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FFE4198-A189-4A9E-B8C5-F4AA40AFB06B"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.10:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5348F37-BBB8-4D8C-B40A-B41906B54763"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.10:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0B8752A-2542-484D-8B9C-6EC9FAE4DF36"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.10:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA6256DA-728C-4C5A-9BA5-AD6EC5A662DA"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.20:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDA03754-A341-40CE-80A8-23E263F66022"
          },
          {
            "criteria": "cpe:2.3:a:episerver:ektron_cms:9.20:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC64A9DE-A3D2-4C60-BB6A-9A58937EF4C3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References