Vulnerability-Lookup

CNVD-2020-23052

Vulnerability from cnvd - Published: 2020-04-16

Title

eZ Publish Kernel和eZ Publish Legacy文件上传漏洞

Description

eZ Systems eZ Platform是挪威eZ Systems公司的一套基于Symfony框架的内容管理系统（CMS）。eZ Publish Kernel是eZ平台的内核组件。eZ Publish Legacy是eZ平台的旧版本。 eZ Publish Kernel和eZ Publish Legacy中存在文件上传漏洞，远程攻击者可通过上传PHP代码利用该漏洞执行任意代码。

Severity

中

Patch Name

eZ Publish Kernel和eZ Publish Legacy文件上传漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-10806

Impacted products

Name
['eZ Systems eZ Publish Kernel <5.4.14.1', 'eZ Systems eZ Publish Kernel 6.，<6.13.6.2', 'eZ Systems eZ Publish Kernel 7.，<7.5.6.2', 'eZ Systems eZ Publish Legacy <5.4.14.1', 'eZ Systems eZ Publish Legacy 2017，<2017.12.7.2', 'eZ Systems eZ Publish Legacy 2019，<2019.03.4.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-10806"
    }
  },
  "description": "eZ Systems eZ Platform\u662f\u632a\u5a01eZ Systems\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eSymfony\u6846\u67b6\u7684\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002eZ Publish Kernel\u662feZ\u5e73\u53f0\u7684\u5185\u6838\u7ec4\u4ef6\u3002eZ Publish Legacy\u662feZ\u5e73\u53f0\u7684\u65e7\u7248\u672c\u3002\n\neZ Publish Kernel\u548ceZ Publish Legacy\u4e2d\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4e0a\u4f20PHP\u4ee3\u7801\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-23052",
  "openTime": "2020-04-16",
  "patchDescription": "eZ Systems eZ Platform\u662f\u632a\u5a01eZ Systems\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eSymfony\u6846\u67b6\u7684\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002eZ Publish Kernel\u662feZ\u5e73\u53f0\u7684\u5185\u6838\u7ec4\u4ef6\u3002eZ Publish Legacy\u662feZ\u5e73\u53f0\u7684\u65e7\u7248\u672c\u3002\r\n\r\neZ Publish Kernel\u548ceZ Publish Legacy\u4e2d\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4e0a\u4f20PHP\u4ee3\u7801\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "eZ Publish Kernel\u548ceZ Publish Legacy\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "eZ Systems eZ Publish Kernel \u003c5.4.14.1",
      "eZ Systems eZ Publish Kernel 6.*\uff0c\u003c6.13.6.2",
      "eZ Systems eZ Publish Kernel 7.*\uff0c\u003c7.5.6.2",
      "eZ Systems eZ Publish Legacy \u003c5.4.14.1",
      "eZ Systems eZ Publish Legacy 2017\uff0c\u003c2017.12.7.2",
      "eZ Systems eZ Publish Legacy 2019\uff0c\u003c2019.03.4.2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-10806",
  "serverity": "\u4e2d",
  "submitTime": "2020-03-23",
  "title": "eZ Publish Kernel\u548ceZ Publish Legacy\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e"
}

CVE-2020-10806 (GCVE-0-2020-10806)

Vulnerability from cvelistv5 – Published: 2020-03-22 15:34 – Updated: 2024-08-04 11:14

Summary

eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://ezplatform.com/security-advisories/ezsa-2…

x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:14:15.514Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-22T15:34:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-10806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads",
              "refsource": "MISC",
              "url": "https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-10806",
    "datePublished": "2020-03-22T15:34:08",
    "dateReserved": "2020-03-22T00:00:00",
    "dateUpdated": "2024-08-04T11:14:15.514Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-23052

CVE-2020-10806 (GCVE-0-2020-10806)

Tags

Sightings

Nomenclature