Description
Episerver CMS is an ASP.NET web content management system and digital marketing suite.
Ektron CMS 9.20 SP2 and older versions allow remote attackers to access administrative pages such as /WorkArea/activateuser.aspx without authentication by supplying a forged Referer HTTP header; the affected pages treat a Referer from within the administration area as proof that the request came from a logged-in session.
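Because the bypass leaves the user unauthenticated while the Referer looks legitimate, the server access log is the simplest place to spot it after the fact. The following is an added example (not from the advisory or from Ektron) that scans constructed IIS W3C-format log lines and flags successful hits on /WorkArea/ pages served to an anonymous user; the field layout, host name and paths other than activateuser.aspx are assumptions.

```python
# Constructed IIS W3C-format log excerpt (sample data, not real traffic).
# The '#Fields' line names the columns; '-' marks an empty field.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem sc-status cs-username cs(Referer)
2024-01-01 10:00:01 GET /WorkArea/login.aspx 200 - -
2024-01-01 10:00:05 POST /WorkArea/login.aspx 302 - http://cms.example.test/WorkArea/login.aspx
2024-01-01 10:00:06 GET /WorkArea/activateuser.aspx 200 admin http://cms.example.test/WorkArea/Dashboard.aspx
2024-01-01 10:02:30 GET /WorkArea/activateuser.aspx 200 - http://cms.example.test/WorkArea/Dashboard.aspx
2024-01-01 10:02:31 GET /WorkArea/activateuser.aspx 401 - -
2024-01-01 10:03:00 GET /products/index.aspx 200 - http://cms.example.test/
"""

# Administration area of the CMS (assumed path, matches the advisory's example page).
ADMIN_PREFIX = "/workarea/"


def parse_w3c(text):
    """Yield one dict per request line, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue  # malformed line: skip rather than mis-align columns
        yield dict(zip(fields, parts))


def find_unauthenticated_admin_hits(text):
    """Return (time, uri, referer) for admin-area pages served with a 2xx status
    to a request that IIS recorded as anonymous. The login page is excluded
    because anonymous access to it is expected; anything else under the admin
    prefix reaching an anonymous user is the condition this advisory describes."""
    hits = []
    for rec in parse_w3c(text):
        uri = rec["cs-uri-stem"].lower()
        status = int(rec["sc-status"])
        anonymous = rec["cs-username"] == "-"
        if (uri.startswith(ADMIN_PREFIX) and not uri.endswith("/login.aspx")
                and 200 <= status < 300 and anonymous):
            hits.append((rec["time"], rec["cs-uri-stem"], rec["cs(Referer)"]))
    return hits


if __name__ == "__main__":
    for hit in find_unauthenticated_admin_hits(SAMPLE_LOG):
        print("unauthenticated admin access:", hit)
```

Only the 10:02:30 request is flagged: the authenticated hit and the rejected 401 are legitimate, and the Referer value on the flagged line shows the header alone is no evidence of a session.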
Remediation
Upgrade to the latest version of Ektron CMS. This vulnerability was patched with EKTR-508 (Security enhancement for re-enabling a user).