Ektron.CMS.SP2.ASPX.activateuser.Improper.Privilege.Management
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Episerver Ektron CMS.
A remote unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. An attacker can exploit this to add new user with administrator privileges in the affected system.
Affected Products
Episerver Ektron CMS 9.0
Episerver Ektron CMS 9.0 SP1
Episerver Ektron CMS 9.0 SP2
Episerver Ektron CMS 9.10
Episerver Ektron CMS 9.10 SP1
Episerver Ektron CMS 9.10 SP2
Episerver Ektron CMS 9.20
Episerver Ektron CMS 9.20 SP1
Impact
Security Bypass: Remote attackers can bypass security features of vulnerable systems without authentication.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://medium.com/@alt3kx/ektron-content-management-system-cms-9-20-sp2-remote-re-enabling-users-cve-2018-12596-bdf1e3a05158
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |