Overview
- Description
- Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched with the Versions 1.6.44, 2.2.18, 2.3.8, 2.4.0. For users unable to upgrade overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- security-advisories@github.com
- CWE-22
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "838D4309-D6D9-4884-B6C7-F4529DD7AD68",
"versionEndExcluding": "1.6.44"
},
{
"criteria": "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B6E9B64-0B43-40AD-B0B4-C8BA5EEA6F31",
"versionEndExcluding": "2.2.18",
"versionStartIncluding": "2.0.0"
},
{
"criteria": "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "354C0B42-D950-497B-B3B7-09EA07063564",
"versionEndExcluding": "2.3.8",
"versionStartIncluding": "2.3.0"
},
{
"criteria": "cpe:2.3:a:sulu:sulu:2.4.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2889EBAA-7A15-436C-9658-CA67F7122DC1"
}
],
"operator": "OR"
}
]
}
]