Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Experience Manager by Sitecore

    CVE-2025-34510 (GCVE-0-2025-34510)

    Vulnerability from nvd – Published: 2025-06-17 18:46 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip
    Summary
    Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    URL Tags
    https://labs.watchtowr.com/is-b-for-backdoor-pre-… third-party-advisoryexploittechnical-description
    https://support.sitecore.com/kb?id=kb_article_vie… vendor-advisory
    Impacted products
    Vendor Product Version
    Sitecore Experience Manager Affected: 9.0 , ≤ 9.3 (custom)
    Affected: 10.0 , ≤ 10.4 (custom)
    Create a notification for this product.
    Sitecore Experience Platform Affected: 9.0 , ≤ 9.3 (custom)
    Affected: 10.0 , ≤ 10.4 (custom)
    Create a notification for this product.
    Sitecore Experience Commerce Affected: 9.0 , ≤ 9.3 (custom)
    Affected: 10.0 , ≤ 10.4 (custom)
    Create a notification for this product.
    Credits
    Piotr Bazydlo of watchTowr
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34510",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-18T03:56:12.568004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.002Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Experience Manager",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThanOrEqual": "9.3",
                  "status": "affected",
                  "version": "9.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.4",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Experience Platform",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThanOrEqual": "9.3",
                  "status": "affected",
                  "version": "9.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.4",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Experience Commerce",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThanOrEqual": "9.3",
                  "status": "affected",
                  "version": "9.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.4",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.3",
                      "versionStartIncluding": "9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "10.4",
                      "versionStartIncluding": "10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            },
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.3",
                      "versionStartIncluding": "9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "10.4",
                      "versionStartIncluding": "10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            },
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.3",
                      "versionStartIncluding": "9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "10.4",
                      "versionStartIncluding": "10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Piotr Bazydlo of watchTowr"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
                }
              ],
              "value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23: Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-19T01:24:03.216Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit",
                "technical-description"
              ],
              "url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Apply the vendor provided hotpatch."
                }
              ],
              "value": "Apply the vendor provided hotpatch."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34510",
        "datePublished": "2025-06-17T18:46:04.239Z",
        "dateReserved": "2025-04-15T19:15:22.612Z",
        "dateUpdated": "2026-02-26T17:50:31.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34509 (GCVE-0-2025-34509)

    Vulnerability from nvd – Published: 2025-06-17 18:20 – Updated: 2026-02-26 17:50
    Title
    Sitecore XM and XP Hardcoded Credentials
    Summary
    Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    URL Tags
    https://labs.watchtowr.com/is-b-for-backdoor-pre-… third-party-advisoryexploittechnical-description
    https://support.sitecore.com/kb?id=kb_article_vie… vendor-advisory
    Impacted products
    Vendor Product Version
    Sitecore Experience Manager Affected: 10.4 , < 10.4.1 rev. 011941 PRE (custom)
    Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom)
    Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom)
    Create a notification for this product.
    Sitecore Experience Platform Affected: 10.4 , < 10.4.1 rev. 011941 PRE (custom)
    Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom)
    Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom)
    Create a notification for this product.
    Credits
    Piotr Bazydlo of watchTowr
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34509",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-18T03:56:10.468989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.319Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Experience Manager",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThan": "10.4.1 rev. 011941 PRE",
                  "status": "affected",
                  "version": "10.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.3.3 rev. 011967 PRE",
                  "status": "affected",
                  "version": "10.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.1.4 rev. 011974 PRE",
                  "status": "affected",
                  "version": "10.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Experience Platform",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThan": "10.4.1 rev. 011941 PRE",
                  "status": "affected",
                  "version": "10.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.3.3 rev. 011967 PRE",
                  "status": "affected",
                  "version": "10.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.1.4 rev. 011974 PRE",
                  "status": "affected",
                  "version": "10.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.4.1",
                      "versionStartIncluding": "10.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.3.3",
                      "versionStartIncluding": "10.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.1.4",
                      "versionStartIncluding": "10.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            },
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.4.1",
                      "versionStartIncluding": "10.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.3.3",
                      "versionStartIncluding": "10.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.1.4",
                      "versionStartIncluding": "10.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Piotr Bazydlo of watchTowr"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
                }
              ],
              "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-27T16:47:40.562Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit",
                "technical-description"
              ],
              "url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to patched versions."
                }
              ],
              "value": "Update to patched versions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Sitecore XM and XP Hardcoded Credentials",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34509",
        "datePublished": "2025-06-17T18:20:57.441Z",
        "dateReserved": "2025-04-15T19:15:22.612Z",
        "dateUpdated": "2026-02-26T17:50:31.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34510 (GCVE-0-2025-34510)

    Vulnerability from cvelistv5 – Published: 2025-06-17 18:46 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip
    Summary
    Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    URL Tags
    https://labs.watchtowr.com/is-b-for-backdoor-pre-… third-party-advisoryexploittechnical-description
    https://support.sitecore.com/kb?id=kb_article_vie… vendor-advisory
    Impacted products
    Vendor Product Version
    Sitecore Experience Manager Affected: 9.0 , ≤ 9.3 (custom)
    Affected: 10.0 , ≤ 10.4 (custom)
    Create a notification for this product.
    Sitecore Experience Platform Affected: 9.0 , ≤ 9.3 (custom)
    Affected: 10.0 , ≤ 10.4 (custom)
    Create a notification for this product.
    Sitecore Experience Commerce Affected: 9.0 , ≤ 9.3 (custom)
    Affected: 10.0 , ≤ 10.4 (custom)
    Create a notification for this product.
    Credits
    Piotr Bazydlo of watchTowr
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34510",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-18T03:56:12.568004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.002Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Experience Manager",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThanOrEqual": "9.3",
                  "status": "affected",
                  "version": "9.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.4",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Experience Platform",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThanOrEqual": "9.3",
                  "status": "affected",
                  "version": "9.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.4",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Experience Commerce",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThanOrEqual": "9.3",
                  "status": "affected",
                  "version": "9.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.4",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.3",
                      "versionStartIncluding": "9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "10.4",
                      "versionStartIncluding": "10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            },
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.3",
                      "versionStartIncluding": "9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "10.4",
                      "versionStartIncluding": "10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            },
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.3",
                      "versionStartIncluding": "9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "10.4",
                      "versionStartIncluding": "10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Piotr Bazydlo of watchTowr"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
                }
              ],
              "value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23: Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-19T01:24:03.216Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit",
                "technical-description"
              ],
              "url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Apply the vendor provided hotpatch."
                }
              ],
              "value": "Apply the vendor provided hotpatch."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34510",
        "datePublished": "2025-06-17T18:46:04.239Z",
        "dateReserved": "2025-04-15T19:15:22.612Z",
        "dateUpdated": "2026-02-26T17:50:31.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34509 (GCVE-0-2025-34509)

    Vulnerability from cvelistv5 – Published: 2025-06-17 18:20 – Updated: 2026-02-26 17:50
    Title
    Sitecore XM and XP Hardcoded Credentials
    Summary
    Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    URL Tags
    https://labs.watchtowr.com/is-b-for-backdoor-pre-… third-party-advisoryexploittechnical-description
    https://support.sitecore.com/kb?id=kb_article_vie… vendor-advisory
    Impacted products
    Vendor Product Version
    Sitecore Experience Manager Affected: 10.4 , < 10.4.1 rev. 011941 PRE (custom)
    Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom)
    Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom)
    Create a notification for this product.
    Sitecore Experience Platform Affected: 10.4 , < 10.4.1 rev. 011941 PRE (custom)
    Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom)
    Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom)
    Create a notification for this product.
    Credits
    Piotr Bazydlo of watchTowr
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34509",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-18T03:56:10.468989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.319Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Experience Manager",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThan": "10.4.1 rev. 011941 PRE",
                  "status": "affected",
                  "version": "10.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.3.3 rev. 011967 PRE",
                  "status": "affected",
                  "version": "10.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.1.4 rev. 011974 PRE",
                  "status": "affected",
                  "version": "10.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Experience Platform",
              "vendor": "Sitecore",
              "versions": [
                {
                  "lessThan": "10.4.1 rev. 011941 PRE",
                  "status": "affected",
                  "version": "10.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.3.3 rev. 011967 PRE",
                  "status": "affected",
                  "version": "10.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.1.4 rev. 011974 PRE",
                  "status": "affected",
                  "version": "10.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.4.1",
                      "versionStartIncluding": "10.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.3.3",
                      "versionStartIncluding": "10.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.1.4",
                      "versionStartIncluding": "10.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            },
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.4.1",
                      "versionStartIncluding": "10.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.3.3",
                      "versionStartIncluding": "10.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.1.4",
                      "versionStartIncluding": "10.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Piotr Bazydlo of watchTowr"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
                }
              ],
              "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-27T16:47:40.562Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit",
                "technical-description"
              ],
              "url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to patched versions."
                }
              ],
              "value": "Update to patched versions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Sitecore XM and XP Hardcoded Credentials",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34509",
        "datePublished": "2025-06-17T18:20:57.441Z",
        "dateReserved": "2025-04-15T19:15:22.612Z",
        "dateUpdated": "2026-02-26T17:50:31.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }