Vulnerability Details : CVE-2019-10068
Public exploit exists!
An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to deserialize user-controlled .NET object input. This deserialization then led to unauthenticated remote code execution on the server where the Kentico instance was hosted.
Vulnerability category: Execute code
Products affected by CVE-2019-10068
- cpe:2.3:a:kentico:kentico:*:*:*:*:*:*:*:*
CVE-2019-10068 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Kentico Xperience Deserialization of Untrusted Data Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Kentico contains a failure to validate security headers. This deserialization can lead to unauthenticated remote code execution.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2019-10068
Added on
2022-03-25
Action due date
2022-04-15
Exploit prediction scoring system (EPSS) score for CVE-2019-10068
EPSS score: 97.24% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~100% (the proportion of vulnerabilities that are scored at or less)
Metasploit modules for CVE-2019-10068
- Kentico CMS Staging SyncServer Unserialize Remote Command Execution
Disclosure Date: 2019-04-15
First seen: 2020-05-14
Module: exploit/windows/http/kentico_staging_syncserver
This module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote Command Execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData p
CVSS scores for CVE-2019-10068
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 2024-07-16
CWE ids for CVE-2019-10068
- The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-10068
- http://packetstormsecurity.com/files/157588/Kentico-CMS-12.0.14-Remote-Command-Execution.html
Kentico CMS 12.0.14 Remote Command Execution ≈ Packet Storm
Tags: Exploit; Third Party Advisory; VDB Entry
- https://devnet.kentico.com/download/hotfixes#securityBugs-v12
Hotfixes
Tags: Release Notes; Vendor Advisory