New Dangerous Critical Vulnerability in CMS Drupal

Posted: June 19, 2015 in Vulnerability News
Tags: , , , , ,
0

Drupal vulnerabilitiesDangerous vulnerability has been fixed in Drupal. The most serious issue outlined in the advisory (CVE-2015-3234) allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts.

The victim must have an account in a certain OpenID-providers for a successful attack.

Vulnerabilities identified in the module OpenID, allows a potential attacker to log in as an administrator. However, for a successful attack the victim must have an account associated with the OpenID-providers (for example: Verisign, LiveJournal, StackExchange, and some other).

Three other vulnerabilities in Drupal have less risk rating is due to the fact that their use in the attack much more difficult. Nevertheless, the potential harm from the exploitation of these flaws is quite high. For example, an error in the Field UI module allows attackers under certain conditions use the «destinations» to redirect the user to an arbitrary web-site.

Drupal developers recommend to install security patches, updating CMS version to 6.36 or to 7.38.

Drupal Security Alert

Drupal Core – Critical – Multiple Vulnerabilities

Danger level: High
Availability of correction: Yes
The number of vulnerabilities: 4

Attack vector: Remote
Impact: Disclosure of sensitive data, Security Bypass, System Compromise, Open Redirect, Multiple vulnerabilities

Affected Products: Drupal 6.x, Drupal 7.x
Affected versions: Drupal version up to 6.36, Drupal version up to 7.38

Vulnerabilities Description:

These vulnerabilities could be used to compromise a vulnerable system.

1. [CVE-2015-3234] The flaw is the most critical of four. This vulnerability is caused due to an error related to the OpenID module. A remote user can log in from the administrative user name and take control of the account.

2. [CVE-2015-3232] This less critical vulnerability is caused due to an error related to Field UI module. This can be exploited to redirect the user to an arbitrary web-site.

3. [CVE-2015-3233] This less critical vulnerability is caused due to an error related to the Overlay module. This can be exploited to redirect the user to an arbitrary web-site.

4. [CVE-2015-3231] This less critical vulnerability is caused due to an error related to the processing of cache. This can be exploited to gain access to sensitive data.

Solution: Install the latest version from the manufacturer.

Drupal Vulnerabilities by popularity

CMS Drupal Logo

Manufacturer URL: drupal.org

Notification link: https://www.drupal.org/SA-CORE-2015-002

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s