Description

Episerver CMS is a ASP.NET web content management system and digital marketing suite.

Ektron CMS 9.20 SP2 (and older versions) allows remote attackers to access administrative pages such as (/WorkArea/activateuser.aspx) without authentication by faking the Referer HTTP header.

Remediation

Upgrade to the latest version of Ektorn CMS. This vulnerability was patched with EKTR-508 (Security enhancement for re-enabling a user).

References

Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018-12596)

Related Vulnerabilities

WordPress Plugin WP SEO TDK Security Bypass (2.0.2)

WordPress Plugin PayPal for WooCommerce Security Bypass (1.5.7)

WordPress Plugin Simple:Press Security Bypass and Arbitrary File Upload Vulnerabilities (4.1.2)

WordPress Plugin Essential Addons for Elementor Security Bypass (5.7.1)

WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)

Severity

High

Classification

CVE-2018-12596 CWE-285 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Authentication Bypass