it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
[IT-SecNots] [Security-news] Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004
Chronologisch Thread
- From: security-news AT drupal.org
- To: security-news AT drupal.org
- Subject: [IT-SecNots] [Security-news] Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004
- Date: Wed, 15 Mar 2023 17:56:51 +0000 (UTC)
- Authentication-results: mail.piratenpartei.de; dkim=none; spf=pass (mail.piratenpartei.de: domain of security-news-bounces AT drupal.org designates 2605:bc80:3010::133 as permitted sender) smtp.mailfrom=security-news-bounces AT drupal.org; dmarc=pass (policy=none) header.from=drupal.org
- Dkim-filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 8D05741164
- Dkim-filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org D864440BF5
- Dkim-filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 1E6DD60BEB
- Dkim-filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 692AF60B3C
- List-archive: <http://lists.drupal.org/pipermail/security-news/>
- List-id: <security-news.drupal.org>
View online: https://www.drupal.org/sa-core-2023-004
Project: Drupal core [1]
Date: 2023-March-15
Security risk: *Moderately critical* 14∕25
AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon [2]
Vulnerability: Access bypass
Affected versions: <7.95 || >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0
<10.0.5
Description:
Drupal core provides a page that outputs the markup from phpinfo() to assist
with diagnosing PHP configuration.
If an attacker was able to achieve an XSS exploit against a privileged user,
they may be able to use the phpinfo page to access sensitive information that
could be used to escalate the attack.
This vulnerability is mitigated by the fact that a successful XSS exploit is
required in order to exploit it.
Solution:
Install the latest version:
* If you are using Drupal 10.0, update to Drupal 10.0.5 [3].
* If you are using Drupal 9.5, update to Drupal 9.5.5 [4].
* If you are using Drupal 9.4, update to Drupal 9.4.12 [5].
* If you are using Drupal 7, update to Drupal 7.95 [6].
All versions of Drupal 9 prior to 9.4.x are end-of-life and do not receive
security coverage. Note that Drupal 8 has reached its end of life [7].
Reported By:
* Elar Lang [8]
Fixed By:
* Damien McKenna [9] of the Drupal Security Team
* Elar Lang [10]
* Lee Rowlands [11] of the Drupal Security Team
* Alex Bronstein [12] of the Drupal Security Team
* Joseph Zhao [13] Provisional Member of the Drupal Security Team
* Drew Webber [14] of the Drupal Security Team
* Jen Lampton [15] Provisional Member of the Drupal Security Team
* Nate Lampton [16]
* Greg Knaddison [17] of the Drupal Security Team
[1] https://www.drupal.org/project/drupal
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/drupal/releases/10.0.5
[4] https://www.drupal.org/project/drupal/releases/9.5.5
[5] https://www.drupal.org/project/drupal/releases/9.4.12
[6] https://www.drupal.org/project/drupal/releases/7.95
[7] https://www.drupal.org/psa-2021-06-29
[8] https://www.drupal.org/user/3583903
[9] https://www.drupal.org/user/108450
[10] https://www.drupal.org/user/3583903
[11] https://www.drupal.org/user/395439
[12] https://www.drupal.org/user/78040
[13] https://www.drupal.org/user/1987218
[14] https://www.drupal.org/user/255969
[15] https://www.drupal.org/user/85586
[16] https://www.drupal.org/user/35821
[17] https://www.drupal.org/user/36762
_______________________________________________
Security-news mailing list
Security-news AT drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
- [IT-SecNots] [Security-news] Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004, security-news, 15.03.2023
Archiv bereitgestellt durch MHonArc 2.6.24.