CVE-2017-14143

Опубликовано: 19 сент. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Высокий

Описание

The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP code via a crafted userzone cookie.

Ссылки

http://www.securityfocus.com/bid/100976
Third Party Advisory
VDB Entry
https://github.com/kaltura/server/commit/6a6d14328b7a1493e8c47f9565461e5f88be20c9#diff-0770640cc76112cbf77bebc604852682
Third Party Advisory
https://telekomsecurity.github.io/assets/advisories/20170912_kaltura-advisory.txt
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/43028/
https://www.exploit-db.com/exploits/43876/
http://www.securityfocus.com/bid/100976
Third Party Advisory
VDB Entry
https://github.com/kaltura/server/commit/6a6d14328b7a1493e8c47f9565461e5f88be20c9#diff-0770640cc76112cbf77bebc604852682
Third Party Advisory
https://telekomsecurity.github.io/assets/advisories/20170912_kaltura-advisory.txt
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/43028/
https://www.exploit-db.com/exploits/43876/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kaltura:kaltura_server:*:*:*:*:*:*:*:*

Версия до mercury-13.1.0 (включая)

EPSS

Процентиль: 99%

0.77447

Высокий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-pmgh-jv2x-393j