CVE-2014-7235
Vulnerability from cvelistv5
Published
2014-10-07 14:00
Modified
2024-08-06 12:40
Severity ?
Summary
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.
References
cve@mitre.orghttp://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536
cve@mitre.orghttp://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html
cve@mitre.orghttp://secunia.com/advisories/61601
cve@mitre.orghttp://www.securityfocus.com/bid/70188
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/96790
cve@mitre.orghttps://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836
cve@mitre.orghttps://www.exploit-db.com/exploits/41005/
af854a3a-2127-422b-91ae-364da2661108http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61601
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/70188
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/96790
af854a3a-2127-422b-91ae-364da2661108https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/41005/
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
          },
          {
            "name": "61601",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61601"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
          },
          {
            "name": "freepbx-ariframework-code-exec(96790)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
          },
          {
            "name": "41005",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41005/"
          },
          {
            "name": "70188",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70188"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
        },
        {
          "name": "61601",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61601"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
        },
        {
          "name": "freepbx-ariframework-code-exec(96790)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
        },
        {
          "name": "41005",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41005/"
        },
        {
          "name": "70188",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70188"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7235",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
            },
            {
              "name": "61601",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61601"
            },
            {
              "name": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836",
              "refsource": "CONFIRM",
              "url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
            },
            {
              "name": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536",
              "refsource": "CONFIRM",
              "url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
            },
            {
              "name": "freepbx-ariframework-code-exec(96790)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
            },
            {
              "name": "41005",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41005/"
            },
            {
              "name": "70188",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70188"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-7235",
    "datePublished": "2014-10-07T14:00:00",
    "dateReserved": "2014-09-30T00:00:00",
    "dateUpdated": "2024-08-06T12:40:19.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-7235\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-10-07T14:55:09.093\",\"lastModified\":\"2024-11-21T02:16:34.997\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.\"},{\"lang\":\"es\",\"value\":\"En el archivo htdocs_ari/includes/login.php en el m\u00f3dulo del Framework ARI/Asterisk Recording Interface (ARI) en FreePBX anterior a versi\u00f3n 2.9.0.9, versiones 2.10.x y versiones 2.11 anteriores a 2.11.1.5, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de la cookie ari_auth, relacionada con la funci\u00f3n unserialize de PHP, como se explot\u00f3 \u201cin the wild\u201d en septiembre de 2014.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6317E737-4318-4986-AC41-9F69BEEE57C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5B24685-54DE-4F76-AC05-3CA32A63E34D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182B7950-427E-4F48-968D-125DC480F00F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4126EAD1-F307-4252-B951-AF6BA8AB50AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38BD066D-9777-4D58-B283-38C35BD97171\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7035B567-4728-4E8C-B27C-5C37445C89C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A591ECCE-6DBC-45BE-908F-BC5D8D817DDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A284DA73-FD42-4C79-A4B7-3A1848F3883B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F04952AA-A9F1-4C2F-A19A-5DF5D4CB27AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA512E0C-5E77-4D67-8E49-D6F5B7DCE87F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.10.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F29B0F2-C3A3-401C-A8D1-842E1D660BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.11.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61D4517F-EDED-49C3-B0E7-72703D49D78E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.11.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"787A42CA-870B-4595-8234-93C6E3D68A51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.11.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"697C8EA2-5E93-46A8-B604-49DDCEA8B0D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.11.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A082A340-769A-4925-AA29-4334B4940F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freepbx:freepbx:2.11.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04B6860F-F3D1-42E4-908D-789E26F00640\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.9.0.8\",\"matchCriteriaId\":\"575E3DA5-B8DE-47CC-A322-50EE531A5365\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:freepbx:2.11.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90B28D54-5FBD-403C-BA01-3D2CF2F8D8FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:freepbx:2.11.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37704860-CB88-4182-9928-35A2CCDDA0D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:freepbx:2.11.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DB72FB-2D60-4C78-B2E3-A54857FA382E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:freepbx:2.11.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A36B78CA-1130-4045-99C3-339132F4ED66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:freepbx:2.11.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0675B567-E2FB-4870-BD42-5CB97DA1B9E9\"}]}]}],\"references\":[{\"url\":\"http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/61601\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/70188\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/96790\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/41005/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61601\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/70188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/96790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/41005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.