CVE-2024-7954

2024-08-2318:15:07

Debian Security Bug Tracker

security-tracker.debian.org

porte_plume

arbitrary code execution

spip

http request

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

Low

EPSS

0.002

Percentile

52.9%

JSON

The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.

OSVersionArchitecturePackageVersionFilename
Debian11allspip<= 3.2.11-3+deb11u10spip_3.2.11-3+deb11u10_all.deb
Debian999allspip< 4.3.0+dfsg-1spip_4.3.0+dfsg-1_all.deb
Debian13allspip< 4.3.0+dfsg-1spip_4.3.0+dfsg-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	11	all	spip	<= 3.2.11-3+deb11u10	spip_3.2.11-3+deb11u10_all.deb
Debian	999	all	spip	< 4.3.0+dfsg-1	spip_4.3.0+dfsg-1_all.deb
Debian	13	all	spip	< 4.3.0+dfsg-1	spip_4.3.0+dfsg-1_all.deb