CVE-2017-6921 - OpenCVE

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services (rest) module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Drupal	Drupal

Configuration 1 [-]

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/99222
http://www.securitytracker.com/id/1038781
https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple

History

Mon, 16 Sep 2024 20:00:00 +0000

Type	Values Removed	Values Added
Title	File REST resource does not properly validate	File REST resource does not properly validate

MITRE

Status: PUBLISHED

Assigner: drupal

Published: 2019-01-15T22:00:00Z

Updated: 2024-09-16T19:47:08.043Z

Reserved: 2017-03-16T00:00:00

Link: CVE-2017-6921

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-01-15T21:29:00.243

Modified: 2023-11-07T02:49:59.467

Link: CVE-2017-6921

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Drupal Core", "vendor": "Drupal", "versions": [{"lessThan": "8.3.4", "status": "affected", "version": "Drupal 8", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services (rest) module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource."}], "problemTypes": [{"descriptions": [{"description": "Access Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-01-16T10:57:01", "orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal"}, "references": [{"name": "99222", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99222"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple"}, {"name": "1038781", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038781"}], "source": {"advisory": "SA-CORE-2017-003", "discovery": "UNKNOWN"}, "title": "File REST resource does not properly validate", "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "security@drupal.org", "DATE_PUBLIC": "", "ID": "CVE-2017-6921", "STATE": "PUBLIC", "TITLE": "File REST resource does not properly validate"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Drupal Core", "version": {"version_data": [{"affected": "<", "platform": "", "version_affected": "<", "version_name": "Drupal 8", "version_value": "8.3.4"}]}}]}, "vendor_name": "Drupal"}]}}, "configuration": [], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services (rest) module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource."}]}, "exploit": [], "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Access Bypass"}]}]}, "references": {"reference_data": [{"name": "99222", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99222"}, {"name": "https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple", "refsource": "CONFIRM", "url": "https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple"}, {"name": "1038781", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038781"}]}, "solution": [], "source": {"advisory": "SA-CORE-2017-003", "defect": [], "discovery": "UNKNOWN"}, "work_around": []}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T15:49:01.335Z"}, "title": "CVE Program Container", "references": [{"name": "99222", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/99222"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple"}, {"name": "1038781", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038781"}]}]}, "cveMetadata": {"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "assignerShortName": "drupal", "cveId": "CVE-2017-6921", "datePublished": "2019-01-15T22:00:00Z", "dateReserved": "2017-03-16T00:00:00", "dateUpdated": "2024-09-16T19:47:08.043Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0C572FD-C76D-4714-85A3-5CFF9F292C2C", "versionEndExcluding": "8.3.4", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services (rest) module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource."}, {"lang": "es", "value": "En Drupal 8, en versiones anteriores a la 8.3.4, el recurso de archivo REST no valida correctamente algunos campos al manipular archivos. Un sitio solo se ve afectado por esto si tiene el m\u00f3dulo RESTful Web Services (rest) habilitado, el recurso de archivo REST habilitado, permite peticiones PATCH, y un atacante es capaz de obtener o registrar una cuenta de usuario en el sitio con permisos para subir archivos y modificar el recurso de archivo."}], "id": "CVE-2017-6921", "lastModified": "2023-11-07T02:49:59.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-15T21:29:00.243", "references": [{"source": "mlhess@drupal.org", "tags": ["VDB Entry", "Third Party Advisory"], "url": "http://www.securityfocus.com/bid/99222"}, {"source": "mlhess@drupal.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038781"}, {"source": "mlhess@drupal.org", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple"}], "sourceIdentifier": "mlhess@drupal.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}