CVE-2020-13671

{"id": "CVE-2020-13671", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2020-11-20T16:15:15.433", "references": [{"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/", "source": "mlhess@drupal.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/", "source": "mlhess@drupal.org"}, {"url": "https://www.drupal.org/sa-core-2020-012", "tags": ["Vendor Advisory"], "source": "mlhess@drupal.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74."}, {"lang": "es", "value": "Drupal core no sanea apropiadamente determinados nombres de archivo en los archivos cargados, lo que puede conllevar a unos archivos ser interpretados como la extensi\u00f3n incorrecta y servir como el tipo MIME incorrecto o ser ejecutados como PHP para determinadas configuraciones de alojamiento. Este problema afecta: Drupal Drupal Core versiones 9.0 anteriores a 9.0.8, versiones 8.9 anteriores a 8.9.9, versiones 8.8 anteriores a 8.8.11 y versiones 7 anteriores a 7.74"}], "lastModified": "2023-11-07T03:16:47.453", "cisaActionDue": "2022-07-18", "cisaExploitAdd": "2022-01-18", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32D3B8C5-C846-4F40-952A-004E52A44A85", "versionEndExcluding": "7.74", "versionStartIncluding": "7.0"}, {"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5349E11-2D5C-49DC-BBAA-A228867C898F", "versionEndExcluding": "8.8.11", "versionStartIncluding": "8.8"}, {"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D62D78B-F746-43C0-89F8-E03EC489A4F4", "versionEndExcluding": "8.9.9", "versionStartIncluding": "8.9"}, {"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B83FAEE8-B014-4839-BD7F-A33C67BFBF8C", "versionEndExcluding": "9.0.8", "versionStartIncluding": "9.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"}], "operator": "OR"}]}], "sourceIdentifier": "mlhess@drupal.org", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Drupal core Un-restricted Upload of File"}