Vulnerability Details : CVE-2017-8082
concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation by merely tricking an admin into viewing a malicious page involving the /tools/required/files/importers/imageeditor?fID=1&imgData= URI. This results in a site-wide denial of service making the site not accessible to any users or any administrators.
Vulnerability category: Cross-site request forgery (CSRF)Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2017-8082
Probability of exploitation activity in the next 30 days: 0.31%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 66 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-8082
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
|
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2017-8082
-
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-8082
-
https://twitter.com/insecurity/status/856066923146215425
PROJECT INSECURITY on Twitter: "[EXPLOIT] Concrete5 CMS - CSRF leading to site-wide Denial of Service (makes site completely inaccessible) writeup: https://t.co/xHvALUu2OO… https://t.co/JqUtD9nFys"Third Party Advisory
-
https://drive.google.com/open?id=0B3vXUYdNMECWZTd3SFRnUjllWk0
Concrete5 8.1.0 DOS via csrf.mp4 - Google DriveExploit
-
http://zeroday.insecurity.zone/exploits/concrete5_csrf_dos.txt
Exploit;Third Party Advisory
Products affected by CVE-2017-8082
- cpe:2.3:a:concretecms:concrete_cms:8.1.0:*:*:*:*:*:*:*