Vulnerability Details : CVE-2018-12596
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins).
Products affected by CVE-2018-12596
- cpe:2.3:a:episerver:ektron_cms:9.00:sp2:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.10:sp2:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.10:-:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.10:sp1:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.20:-:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.00:-:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.00:sp1:*:*:*:*:*:*
- cpe:2.3:a:episerver:ektron_cms:9.20:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-12596
44.49%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-12596
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2018-12596
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-12596
-
http://seclists.org/fulldisclosure/2018/Oct/15
Full Disclosure: Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)Exploit;Mitigation;Mailing List;Patch;Third Party Advisory
-
https://github.com/alt3kx/CVE-2018-12596
GitHub - alt3kx/CVE-2018-12596: Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)Exploit;Patch;Third Party Advisory
-
https://www.exploit-db.com/exploits/45577/
Ektron CMS 9.20 SP2 - Improper Access RestrictionsExploit;Mitigation;Patch;Third Party Advisory;VDB Entry
-
https://medium.com/@alt3kx/ektron-content-management-system-cms-9-20-sp2-remote-re-enabling-users-cve-2018-12596-bdf1e3a05158
Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)Exploit;Patch;Third Party Advisory
Jump to