{"id": "1455C86C-26C2-11E7-9DAA-6CF0497DB129", "bulletinFamily": "unix", "title": "drupal8 -- Drupal Core - Critical - Access Bypass", "description": "\nDrupal Security Team Reports:\n\nCVE-2017-6919: Access bypass\n\n", "published": "2017-04-19T00:00:00", "modified": "2017-04-19T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/1455c86c-26c2-11e7-9daa-6cf0497db129.html", "reporter": "FreeBSD", "references": [], "cvelist": ["CVE-2017-6919"], "type": "freebsd", "lastseen": "2018-08-31T01:13:59", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "drupal8", "packageVersion": "8.3.1"}], "bulletinFamily": "unix", "cvelist": ["CVE-2017-6919"], "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "\nDrupal Security Team Reports:\n\nCVE-2017-6919: Access bypass\n\n", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "8d76644a2b009fec5b78c3635fc0be8f7f6ca04ca828e68d5d3cb0b529c26cdc", "hashmap": [{"hash": "6548317a4c70bf506e54100dc01772b8", "key": "affectedPackage"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "39c763afd4ab77c426e9a3e4ba4409bc", "key": "cvelist"}, {"hash": "0548f3fe67fa6522268e31afe191ffdf", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "1e9032c60526bf24e14725ea84bd97c2", "key": "href"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "262a870542d1d54b12c9e5699c167411", "key": "description"}, {"hash": "a5b7f0cc720ea6aaf55c2ae037a501cd", "key": "modified"}, {"hash": "61a37396f8fc8545e5dc3fd73288ce16", "key": "cvss"}, {"hash": "a5b7f0cc720ea6aaf55c2ae037a501cd", "key": "published"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/1455c86c-26c2-11e7-9daa-6cf0497db129.html", "id": "1455C86C-26C2-11E7-9DAA-6CF0497DB129", "lastseen": "2017-04-25T09:18:26", "modified": "2017-04-19T00:00:00", "objectVersion": "1.2", "published": "2017-04-19T00:00:00", "references": [], "reporter": "FreeBSD", "title": "drupal8 -- Drupal Core - Critical - Access Bypass", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-04-25T09:18:26"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "drupal8", "packageVersion": "8.3.1"}], "bulletinFamily": "unix", "cvelist": ["CVE-2017-6919"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nDrupal Security Team Reports:\n\nCVE-2017-6919: Access bypass\n\n", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "b2ba855ba22ebc802660b2d196e21b6e8f0cae2e84a87e3ff75e0e6dc82f3a58", "hashmap": [{"hash": "6548317a4c70bf506e54100dc01772b8", "key": "affectedPackage"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "39c763afd4ab77c426e9a3e4ba4409bc", "key": "cvelist"}, {"hash": "0548f3fe67fa6522268e31afe191ffdf", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "1e9032c60526bf24e14725ea84bd97c2", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "262a870542d1d54b12c9e5699c167411", "key": "description"}, {"hash": "a5b7f0cc720ea6aaf55c2ae037a501cd", "key": "modified"}, {"hash": "a5b7f0cc720ea6aaf55c2ae037a501cd", "key": "published"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/1455c86c-26c2-11e7-9daa-6cf0497db129.html", "id": "1455C86C-26C2-11E7-9DAA-6CF0497DB129", "lastseen": "2018-08-30T19:13:33", "modified": "2017-04-19T00:00:00", "objectVersion": "1.3", "published": "2017-04-19T00:00:00", "references": [], "reporter": "FreeBSD", "title": "drupal8 -- Drupal Core - Critical - Access Bypass", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:13:33"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "drupal8", "packageVersion": "8.3.1"}], "bulletinFamily": "unix", "cvelist": ["CVE-2017-6919"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nDrupal Security Team Reports:\n\nCVE-2017-6919: Access bypass\n\n", "edition": 1, "hash": "700edc5292efcacfce414ced11fd1151c289e69090670d3db35ca9370dd341d9", "hashmap": [{"hash": "6548317a4c70bf506e54100dc01772b8", "key": "affectedPackage"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "39c763afd4ab77c426e9a3e4ba4409bc", "key": "cvelist"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "0548f3fe67fa6522268e31afe191ffdf", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "1e9032c60526bf24e14725ea84bd97c2", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "262a870542d1d54b12c9e5699c167411", "key": "description"}, {"hash": "a5b7f0cc720ea6aaf55c2ae037a501cd", "key": "modified"}, {"hash": "a5b7f0cc720ea6aaf55c2ae037a501cd", "key": "published"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/1455c86c-26c2-11e7-9daa-6cf0497db129.html", "id": "1455C86C-26C2-11E7-9DAA-6CF0497DB129", "lastseen": "2017-04-21T19:18:13", "modified": "2017-04-19T00:00:00", "objectVersion": "1.2", "published": "2017-04-19T00:00:00", "references": [], "reporter": "FreeBSD", "title": "drupal8 -- Drupal Core - Critical - Access Bypass", "type": "freebsd", "viewCount": 0}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2017-04-21T19:18:13"}], "edition": 4, "hashmap": [{"key": "affectedPackage", "hash": "6548317a4c70bf506e54100dc01772b8"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "39c763afd4ab77c426e9a3e4ba4409bc"}, {"key": "cvss", "hash": "61a37396f8fc8545e5dc3fd73288ce16"}, {"key": "description", "hash": "262a870542d1d54b12c9e5699c167411"}, {"key": "href", "hash": "1e9032c60526bf24e14725ea84bd97c2"}, {"key": "modified", "hash": "a5b7f0cc720ea6aaf55c2ae037a501cd"}, {"key": "published", "hash": "a5b7f0cc720ea6aaf55c2ae037a501cd"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "0548f3fe67fa6522268e31afe191ffdf"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "8d76644a2b009fec5b78c3635fc0be8f7f6ca04ca828e68d5d3cb0b529c26cdc", "viewCount": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-6919"]}, {"type": "seebug", "idList": ["SSV:92989"]}, {"type": "nessus", "idList": ["FEDORA_2017-E8767A2FBB.NASL", "FREEBSD_PKG_1455C86C26C211E79DAA6CF0497DB129.NASL", "FEDORA_2017-CCDF272E60.NASL", "FEDORA_2017-041473E742.NASL", "DRUPAL_8_2_8.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310810759", "OPENVAS:1361412562310872636", "OPENVAS:1361412562310872635"]}], "modified": "2018-08-31T01:13:59"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "drupal8", "packageVersion": "8.3.1"}]}

{"cve": [{"lastseen": "2017-07-11T10:48:14", "bulletinFamily": "NVD", "description": "Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.", "modified": "2017-07-10T21:33:47", "published": "2017-04-19T22:59:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6919", "id": "CVE-2017-6919", "title": "CVE-2017-6919", "type": "cve", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T11:59:28", "bulletinFamily": "exploit", "description": "This is a critical access bypass vulnerability. A site is only affected by this if all of the following conditions are met:\r\n\r\n* The site has the RESTful Web Services (`rest`) module enabled.\r\n* The site allows `PATCH` requests.\r\n* An attacker can get or register a user account on the site.\r\n\r\nWhile we don't normally provide security releases for [unsupported minor releases](https://www.drupal.org/core/release-cycle-overview), given the potential severity of this issue, we have also provided an 8.2.x release to ensure that sites that have not had a chance to update to 8.3.0 can update safely.", "modified": "2017-04-21T00:00:00", "published": "2017-04-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-92989", "id": "SSV:92989", "type": "seebug", "title": "Drupal Core - Access Bypass vulnerability (CVE-2017-6919)", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-03-18T14:27:14", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-05-03T00:00:00", "id": "OPENVAS:1361412562310872636", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872636", "title": "Fedora Update for drupal8 FEDORA-2017-041473e742", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal8 FEDORA-2017-041473e742\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872636\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-03 14:19:19 +0530 (Wed, 03 May 2017)\");\n script_cve_id(\"CVE-2017-6919\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for drupal8 FEDORA-2017-041473e742\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"drupal8 on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-041473e742\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIPRUVH46DZXCUI3HUED26QFUCXSUPB3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.3.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:34:05", "bulletinFamily": "scanner", "description": "This host is running Drupal and is prone\n to access bypass vulnerability.", "modified": "2018-10-16T00:00:00", "published": "2017-04-20T00:00:00", "id": "OPENVAS:1361412562310810759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810759", "title": "Drupal Core Access Bypass Vulnerability (SA-CORE-2017-002)-Windows", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_drupal_core_access_bypass_vuln_SA-CORE-2017-002.nasl 11923 2018-10-16 10:38:56Z mmartin $\n#\n# Drupal Core Access Bypass Vulnerability (SA-CORE-2017-002)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:drupal:drupal';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810759\");\n script_version(\"$Revision: 11923 $\");\n script_cve_id(\"CVE-2017-6919\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-16 12:38:56 +0200 (Tue, 16 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-20 12:14:26 +0530 (Thu, 20 Apr 2017)\");\n # A site is only affected by this if some of the conditions are met.\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Drupal Core Access Bypass Vulnerability (SA-CORE-2017-002)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is running Drupal and is prone\n to access bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Drupal has released an advisory to address\n access bypass vulnerability in Drupal core.\n\n A site is only affected by this if all of the following conditions are met:\n\n The site has the RESTful Web Services (rest) module enabled.\n The site allows PATCH requests.\n An attacker can get or register a user account on the site.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to to obtain sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Drupal version 8 prior to 8.2.8 and 8.3.1\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 8.2.8, 8.3.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.drupal.org/SA-CORE-2017-002\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\");\n script_mandatory_keys(\"drupal/installed\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!drupalPort= get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!drupalVer = get_app_version(cpe:CPE, port:drupalPort, version_regex:\"^[0-9]\\.[0-9]+\")){\n exit(0);\n}\n\nif(drupalVer =~ \"^(8\\.)\")\n{\n if(version_in_range(version:drupalVer, test_version:\"8.0\", test_version2:\"8.2.7\"))\n {\n VULN = TRUE;\n fix = \"8.2.8\";\n }\n}\nelse if(version_is_equal(version:drupalVer, test_version:\"8.3.0\"))\n{\n VULN = TRUE;\n fix = \"8.3.1\";\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:drupalVer, fixed_version:fix);\n security_message(data:report, port:drupalPort);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:28:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-05-03T00:00:00", "id": "OPENVAS:1361412562310872635", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872635", "title": "Fedora Update for drupal8 FEDORA-2017-e8767a2fbb", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal8 FEDORA-2017-e8767a2fbb\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872635\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-03 14:19:08 +0530 (Wed, 03 May 2017)\");\n script_cve_id(\"CVE-2017-6919\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for drupal8 FEDORA-2017-e8767a2fbb\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"drupal8 on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-e8767a2fbb\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJFWFFZKGFBEKG22IEYSKHRH6QGG22Y3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.3.1~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:30:36", "bulletinFamily": "scanner", "description": "- [8.3.1](https://www.drupal.org/project/drupal/releases/8 .3.1)\n\n - [Drupal Core - Critical - Access Bypass - SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00 2)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-18T00:00:00", "id": "FEDORA_2017-041473E742.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99922", "published": "2017-05-02T00:00:00", "title": "Fedora 25 : drupal8 (2017-041473e742)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-041473e742.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99922);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_cve_id(\"CVE-2017-6919\");\n script_xref(name:\"FEDORA\", value:\"2017-041473e742\");\n\n script_name(english:\"Fedora 25 : drupal8 (2017-041473e742)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"-\n [8.3.1](https://www.drupal.org/project/drupal/releases/8\n .3.1)\n\n - [Drupal Core - Critical - Access Bypass -\n SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00\n 2)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-041473e742\"\n );\n # https://www.drupal.org/SA-CORE-2017-002\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e87464cd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"drupal8-8.3.1-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:30:36", "bulletinFamily": "scanner", "description": "- [8.3.1](https://www.drupal.org/project/drupal/releases/8 .3.1)\n\n - [Drupal Core - Critical - Access Bypass - SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00 2)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-18T00:00:00", "id": "FEDORA_2017-E8767A2FBB.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99925", "published": "2017-05-02T00:00:00", "title": "Fedora 24 : drupal8 (2017-e8767a2fbb)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-e8767a2fbb.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99925);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_cve_id(\"CVE-2017-6919\");\n script_xref(name:\"FEDORA\", value:\"2017-e8767a2fbb\");\n\n script_name(english:\"Fedora 24 : drupal8 (2017-e8767a2fbb)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"-\n [8.3.1](https://www.drupal.org/project/drupal/releases/8\n .3.1)\n\n - [Drupal Core - Critical - Access Bypass -\n SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00\n 2)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-e8767a2fbb\"\n );\n # https://www.drupal.org/SA-CORE-2017-002\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e87464cd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"drupal8-8.3.1-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:31:54", "bulletinFamily": "scanner", "description": "- [8.3.1](https://www.drupal.org/project/drupal/releases/8 .3.1)\n\n - [Drupal Core - Critical - Access Bypass - SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00 2)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-18T00:00:00", "id": "FEDORA_2017-CCDF272E60.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101720", "published": "2017-07-17T00:00:00", "title": "Fedora 26 : drupal8 (2017-ccdf272e60)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ccdf272e60.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101720);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_cve_id(\"CVE-2017-6919\");\n script_xref(name:\"FEDORA\", value:\"2017-ccdf272e60\");\n\n script_name(english:\"Fedora 26 : drupal8 (2017-ccdf272e60)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"-\n [8.3.1](https://www.drupal.org/project/drupal/releases/8\n .3.1)\n\n - [Drupal Core - Critical - Access Bypass -\n SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00\n 2)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccdf272e60\"\n );\n # https://www.drupal.org/SA-CORE-2017-002\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e87464cd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"drupal8-8.3.1-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:05:55", "bulletinFamily": "scanner", "description": "Drupal Security Team Reports :\n\nCVE-2017-6919: Access bypass", "modified": "2018-11-10T00:00:00", "published": "2017-04-24T00:00:00", "id": "FREEBSD_PKG_1455C86C26C211E79DAA6CF0497DB129.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99615", "title": "FreeBSD : drupal8 -- Drupal Core - Critical - Access Bypass (1455c86c-26c2-11e7-9daa-6cf0497db129)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99615);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:46\");\n\n script_cve_id(\"CVE-2017-6919\");\n\n script_name(english:\"FreeBSD : drupal8 -- Drupal Core - Critical - Access Bypass (1455c86c-26c2-11e7-9daa-6cf0497db129)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Drupal Security Team Reports :\n\nCVE-2017-6919: Access bypass\"\n );\n # https://vuxml.freebsd.org/freebsd/1455c86c-26c2-11e7-9daa-6cf0497db129.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8d03f84\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"drupal8<8.3.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:30:28", "bulletinFamily": "scanner", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 8.x prior to 8.2.8 or 8.3.x prior to 8.3.1. It is, therefore, affected by an access bypass vulnerability due to an unspecified flaw when the RESTful Web Services (rest) module is enabled and the site allows PATCH requests. An authenticated, remote attacker can exploit this to bypass critical access restrictions.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "modified": "2018-06-14T00:00:00", "id": "DRUPAL_8_2_8.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99690", "published": "2017-04-26T00:00:00", "title": "Drupal 8.x < 8.2.8 / 8.3.x < 8.3.1 Access Bypass Vulnerability (SA-CORE-2017-002)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99690);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/06/14 12:21:47\");\n\n script_cve_id(\"CVE-2017-6919\");\n script_bugtraq_id(97941);\n\n script_name(english:\"Drupal 8.x < 8.2.8 / 8.3.x < 8.3.1 Access Bypass Vulnerability (SA-CORE-2017-002)\");\n script_summary(english:\"Checks the version of Drupal.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by an\naccess bypass vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running\non the remote web server is 8.x prior to 8.2.8 or 8.3.x prior to\n8.3.1. It is, therefore, affected by an access bypass vulnerability\ndue to an unspecified flaw when the RESTful Web Services (rest) module\nis enabled and the site allows PATCH requests. An authenticated,\nremote attacker can exploit this to bypass critical access\nrestrictions.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/SA-CORE-2017-002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.2.8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.3.1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 8.2.8 / 8.3.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:\"Drupal\", port:port, webapp:true);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { \"min_version\" : \"8.0\", \"max_version\" : \"8.0.4\", \"fixed_version\" : \"8.0.5\" },\n { \"min_version\" : \"8.1\", \"max_version\" : \"8.1.10\", \"fixed_version\" : \"8.1.11\" },\n { \"min_version\" : \"8.2\", \"max_version\" : \"8.2.7\", \"fixed_version\" : \"8.2.8\" },\n { \"min_version\" : \"8.3\", \"max_version\" : \"8.3.0\", \"fixed_version\" : \"8.3.1\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}