PT-2022-15162 · Unknown · Concrete Cms

Anna · Published 2022-06-24 · Updated 2022-07-05

CVE-2022-21829

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Concrete CMS versions 9.0.0 through 9.0.2
Concrete CMS versions 8.5.7 and below

Description
The issue allows an attacker to download zip files over HTTP and execute code from those zip files, potentially leading to a remote code execution (RCE). This is resolved by enforcing concrete secure instead of concrete, ensuring Concrete CMS only makes requests over HTTPS, even if a request comes in via HTTP.

Recommendations
For Concrete CMS versions 9.0.0 through 9.0.2, update to a version that enforces concrete secure instead of concrete to ensure requests are made over HTTPS.
For Concrete CMS versions 8.5.7 and below, update to a version that enforces concrete secure instead of concrete to ensure requests are made over HTTPS.
As a temporary workaround, consider restricting the ability to download zip files over HTTP until a patch is available.

Fix

RCE

Special Elements Injection

Cleartext Transmission of Sensitive Information

Weakness Enumeration

Related Identifiers

CVE-2022-21829
GHSA-6XC4-7FMM-65Q2

Affected Products

Concrete Cms