PT-2017-9086 · Plone · Plone Cms
Sebastian Perez
·
Published
2017-03-07
·
Updated
2022-05-14
·
CVE-2016-7135
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Plone CMS versions 4.2.x through 4.3.11
Plone CMS versions 5.x through 5.0.6
Description
The issue allows remote administrators to read arbitrary files via a .. (dot dot) in the
path parameter in a getFile action to the Plone/++theme++barceloneta/@@plone.resourceeditor.filemanager-actions endpoint.Recommendations
For Plone CMS versions 4.2.x through 4.3.11, update to a version outside of this range to resolve the issue.
For Plone CMS versions 5.x through 5.0.6, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to the
Plone/++theme++barceloneta/@@plone.resourceeditor.filemanager-actions endpoint to minimize the risk of exploitation.
Avoid using the path parameter in the affected getFile action until the issue is resolved.Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Plone Cms