Search criteria
6 vulnerabilities found for Experience Platform by Sitecore
CVE-2022-4979 (GCVE-0-2022-4979)
Vulnerability from cvelistv5 – Published: 2025-07-25 15:55 – Updated: 2025-11-21 16:05
VLAI?
Summary
A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sitecore | Experience Platform |
Affected:
7.5 Initial Release , ≤ 7.5 Update-2
(custom)
Affected: 8.0 Initial Release , ≤ 8.0 Update-7 (custom) Affected: 8.1 Initial Release , ≤ 8.1 Update-3 (custom) Affected: 8.2 Initial Release , ≤ 8.2 Update-7 (custom) Affected: 9.0 Initial Release , ≤ 9.0 Update-2 (custom) Affected: 9.1 Initial Release , ≤ 9.1 Update 1 (custom) Affected: 9.2 Initial Release Affected: 9.3 Initial Release Affected: 10.0 Initial Release , ≤ 10.0 Update-3 (custom) Affected: 10.1 Initial Release , ≤ 10.1 Update-2 (custom) Affected: 10.2 Initial Release |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T17:39:41.562664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T17:43:58.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.5 Update-2",
"status": "affected",
"version": "7.5 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.0 Update-7",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1 Update-3",
"status": "affected",
"version": "8.1 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.2 Update-7",
"status": "affected",
"version": "8.2 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0 Update-2",
"status": "affected",
"version": "9.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.1 Update 1",
"status": "affected",
"version": "9.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "9.2 Initial Release"
},
{
"status": "affected",
"version": "9.3 Initial Release"
},
{
"lessThanOrEqual": "10.0 Update-3",
"status": "affected",
"version": "10.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1 Update-2",
"status": "affected",
"version": "10.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "10.2 Initial Release"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Content Mangement System (CMS)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.2 Update-6",
"status": "affected",
"version": "7.2 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Managed Cloud",
"vendor": "Sitecore",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:7.5:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update1",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.2:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.2:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:cms:7.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update6",
"versionStartIncluding": "*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:managed_cloud:-:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow \u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eauthenticated Sitecore Shell users to be tricked into executing custom JS code\u003c/span\u003e. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.\u003c/p\u003e"
}
],
"value": "A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T16:05:35.685Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001489"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001539"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xp-cms-managed-cloud-xss"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2022-4979",
"datePublished": "2025-07-25T15:55:36.039Z",
"dateReserved": "2025-07-24T15:19:26.600Z",
"dateUpdated": "2025-11-21T16:05:35.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34510 (GCVE-0-2025-34510)
Vulnerability from cvelistv5 – Published: 2025-06-17 18:46 – Updated: 2025-11-19 01:24
VLAI?
Summary
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution.
Severity ?
8.8 (High)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
||||||||||||
|
||||||||||||||
Credits
Piotr Bazydlo of watchTowr
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34510",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:12.568004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T19:26:12.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Commerce",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:24:03.216Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apply the vendor provided hotpatch."
}
],
"value": "Apply the vendor provided hotpatch."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34510",
"datePublished": "2025-06-17T18:46:04.239Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2025-11-19T01:24:03.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34509 (GCVE-0-2025-34509)
Vulnerability from cvelistv5 – Published: 2025-06-17 18:20 – Updated: 2025-11-19 01:25
VLAI?
Summary
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.
Severity ?
8.2 (High)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
10.4 , < 10.4.1 rev. 011941 PRE
(custom)
Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom) Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom) |
|||||||
|
|||||||||
Credits
Piotr Bazydlo of watchTowr
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34509",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T03:56:09.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:25:24.317Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to patched versions."
}
],
"value": "Update to patched versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM and XP Hardcoded Credentials",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34509",
"datePublished": "2025-06-17T18:20:57.441Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2025-11-19T01:25:24.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-4979 (GCVE-0-2022-4979)
Vulnerability from nvd – Published: 2025-07-25 15:55 – Updated: 2025-11-21 16:05
VLAI?
Summary
A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sitecore | Experience Platform |
Affected:
7.5 Initial Release , ≤ 7.5 Update-2
(custom)
Affected: 8.0 Initial Release , ≤ 8.0 Update-7 (custom) Affected: 8.1 Initial Release , ≤ 8.1 Update-3 (custom) Affected: 8.2 Initial Release , ≤ 8.2 Update-7 (custom) Affected: 9.0 Initial Release , ≤ 9.0 Update-2 (custom) Affected: 9.1 Initial Release , ≤ 9.1 Update 1 (custom) Affected: 9.2 Initial Release Affected: 9.3 Initial Release Affected: 10.0 Initial Release , ≤ 10.0 Update-3 (custom) Affected: 10.1 Initial Release , ≤ 10.1 Update-2 (custom) Affected: 10.2 Initial Release |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T17:39:41.562664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T17:43:58.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.5 Update-2",
"status": "affected",
"version": "7.5 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.0 Update-7",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1 Update-3",
"status": "affected",
"version": "8.1 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.2 Update-7",
"status": "affected",
"version": "8.2 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0 Update-2",
"status": "affected",
"version": "9.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.1 Update 1",
"status": "affected",
"version": "9.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "9.2 Initial Release"
},
{
"status": "affected",
"version": "9.3 Initial Release"
},
{
"lessThanOrEqual": "10.0 Update-3",
"status": "affected",
"version": "10.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1 Update-2",
"status": "affected",
"version": "10.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "10.2 Initial Release"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Content Mangement System (CMS)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.2 Update-6",
"status": "affected",
"version": "7.2 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Managed Cloud",
"vendor": "Sitecore",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:7.5:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update1",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.2:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.2:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:cms:7.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update6",
"versionStartIncluding": "*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:managed_cloud:-:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow \u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eauthenticated Sitecore Shell users to be tricked into executing custom JS code\u003c/span\u003e. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.\u003c/p\u003e"
}
],
"value": "A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T16:05:35.685Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001489"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001539"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xp-cms-managed-cloud-xss"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2022-4979",
"datePublished": "2025-07-25T15:55:36.039Z",
"dateReserved": "2025-07-24T15:19:26.600Z",
"dateUpdated": "2025-11-21T16:05:35.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34510 (GCVE-0-2025-34510)
Vulnerability from nvd – Published: 2025-06-17 18:46 – Updated: 2025-11-19 01:24
VLAI?
Summary
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution.
Severity ?
8.8 (High)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
||||||||||||
|
||||||||||||||
Credits
Piotr Bazydlo of watchTowr
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34510",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:12.568004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T19:26:12.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Commerce",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:24:03.216Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apply the vendor provided hotpatch."
}
],
"value": "Apply the vendor provided hotpatch."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34510",
"datePublished": "2025-06-17T18:46:04.239Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2025-11-19T01:24:03.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34509 (GCVE-0-2025-34509)
Vulnerability from nvd – Published: 2025-06-17 18:20 – Updated: 2025-11-19 01:25
VLAI?
Summary
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.
Severity ?
8.2 (High)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
10.4 , < 10.4.1 rev. 011941 PRE
(custom)
Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom) Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom) |
|||||||
|
|||||||||
Credits
Piotr Bazydlo of watchTowr
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34509",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T03:56:09.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:25:24.317Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to patched versions."
}
],
"value": "Update to patched versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM and XP Hardcoded Credentials",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34509",
"datePublished": "2025-06-17T18:20:57.441Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2025-11-19T01:25:24.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}