cvelistv5 - CVE-2020-13671

CVE-2020-13671 (GCVE-0-2020-13671)

Vulnerability from cvelistv5 – Published: 2020-11-20 15:40 – Updated: 2025-10-21 23:35

CISA

Summary

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Remote code execution

Assigner

drupal

References

URL

Tags

	https://www.drupal.org/sa-core-2020-012	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	Drupal	Drupal Core	Affected: 9.0 versions prior to 9.0.8 Affected: 8.9 versions prior to 8.9.9 Affected: 8.8 versions prior to 8.8.11 Affected: 7 versions prior to 7.74

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-01-18

Due date: 2022-07-18

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-13671

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:25:16.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.drupal.org/sa-core-2020-012"
          },
          {
            "name": "FEDORA-2020-6f1079934c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
          },
          {
            "name": "FEDORA-2020-d50d74d6f2",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-13671",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T12:38:31.133573Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-18",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-434",
                "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:35:32.528Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-01-18T00:00:00+00:00",
            "value": "CVE-2020-13671 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Drupal Core",
          "vendor": "Drupal",
          "versions": [
            {
              "status": "affected",
              "version": "9.0 versions prior to 9.0.8"
            },
            {
              "status": "affected",
              "version": "8.9 versions prior to 8.9.9"
            },
            {
              "status": "affected",
              "version": "8.8 versions prior to 8.8.11"
            },
            {
              "status": "affected",
              "version": "7 versions prior to 7.74"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote code execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-15T03:06:07.000Z",
        "orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
        "shortName": "drupal"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.drupal.org/sa-core-2020-012"
        },
        {
          "name": "FEDORA-2020-6f1079934c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
        },
        {
          "name": "FEDORA-2020-d50d74d6f2",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@drupal.org",
          "ID": "CVE-2020-13671",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Drupal Core",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.0 versions prior to 9.0.8"
                          },
                          {
                            "version_value": "8.9 versions prior to 8.9.9"
                          },
                          {
                            "version_value": "8.8 versions prior to 8.8.11"
                          },
                          {
                            "version_value": "7 versions prior to 7.74"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Drupal"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote code execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.drupal.org/sa-core-2020-012",
              "refsource": "CONFIRM",
              "url": "https://www.drupal.org/sa-core-2020-012"
            },
            {
              "name": "FEDORA-2020-6f1079934c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
            },
            {
              "name": "FEDORA-2020-d50d74d6f2",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
    "assignerShortName": "drupal",
    "cveId": "CVE-2020-13671",
    "datePublished": "2020-11-20T15:40:39.000Z",
    "dateReserved": "2020-05-28T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:35:32.528Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2020-13671",
      "cwes": "[\"CWE-434\"]",
      "dateAdded": "2022-01-18",
      "dueDate": "2022-07-18",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2020-13671",
      "product": "Drupal core",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Improper sanitization in the extension file names is present in Drupal core.",
      "vendorProject": "Drupal",
      "vulnerabilityName": "Drupal core Un-restricted Upload of File"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-07-18",
      "cisaExploitAdd": "2022-01-18",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Drupal core Un-restricted Upload of File",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.74\", \"matchCriteriaId\": \"32D3B8C5-C846-4F40-952A-004E52A44A85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.8\", \"versionEndExcluding\": \"8.8.11\", \"matchCriteriaId\": \"A5349E11-2D5C-49DC-BBAA-A228867C898F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.9\", \"versionEndExcluding\": \"8.9.9\", \"matchCriteriaId\": \"8D62D78B-F746-43C0-89F8-E03EC489A4F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0\", \"versionEndExcluding\": \"9.0.8\", \"matchCriteriaId\": \"B83FAEE8-B014-4839-BD7F-A33C67BFBF8C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36D96259-24BD-44E2-96D9-78CE1D41F956\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.\"}, {\"lang\": \"es\", \"value\": \"Drupal core no sanea apropiadamente determinados nombres de archivo en los archivos cargados, lo que puede conllevar a unos archivos ser interpretados como la extensi\\u00f3n incorrecta y servir como el tipo MIME incorrecto o ser ejecutados como PHP para determinadas configuraciones de alojamiento.\u0026#xa0;Este problema afecta: Drupal Drupal Core versiones 9.0 anteriores a 9.0.8, versiones 8.9 anteriores a 8.9.9, versiones 8.8 anteriores a 8.8.11 y  versiones 7 anteriores a 7.74\"}]",
      "id": "CVE-2020-13671",
      "lastModified": "2024-11-21T05:01:43.983",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-11-20T16:15:15.433",
      "references": "[{\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\", \"source\": \"mlhess@drupal.org\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\", \"source\": \"mlhess@drupal.org\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"https://www.drupal.org/sa-core-2020-012\", \"source\": \"mlhess@drupal.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"https://www.drupal.org/sa-core-2020-012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "mlhess@drupal.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-13671\",\"sourceIdentifier\":\"mlhess@drupal.org\",\"published\":\"2020-11-20T16:15:15.433\",\"lastModified\":\"2025-11-03T18:06:21.510\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.\"},{\"lang\":\"es\",\"value\":\"Drupal core no sanea apropiadamente determinados nombres de archivo en los archivos cargados, lo que puede conllevar a unos archivos ser interpretados como la extensi\u00f3n incorrecta y servir como el tipo MIME incorrecto o ser ejecutados como PHP para determinadas configuraciones de alojamiento.\u0026#xa0;Este problema afecta: Drupal Drupal Core versiones 9.0 anteriores a 9.0.8, versiones 8.9 anteriores a 8.9.9, versiones 8.8 anteriores a 8.8.11 y  versiones 7 anteriores a 7.74\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-01-18\",\"cisaActionDue\":\"2022-07-18\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Drupal core Un-restricted Upload of File\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.74\",\"matchCriteriaId\":\"32D3B8C5-C846-4F40-952A-004E52A44A85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.8.0\",\"versionEndExcluding\":\"8.8.11\",\"matchCriteriaId\":\"69011CB4-0D3B-451C-B371-55A5EBD182A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.9.0\",\"versionEndExcluding\":\"8.9.9\",\"matchCriteriaId\":\"6DE747DB-3EEA-4A49-BCDE-1188C578DED9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.8\",\"matchCriteriaId\":\"DBB48D3F-1877-427E-8E75-82E7A6D1FC84\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}],\"references\":[{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\",\"source\":\"mlhess@drupal.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\",\"source\":\"mlhess@drupal.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://www.drupal.org/sa-core-2020-012\",\"source\":\"mlhess@drupal.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://www.drupal.org/sa-core-2020-012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.drupal.org/sa-core-2020-012\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\", \"name\": \"FEDORA-2020-6f1079934c\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\", \"name\": \"FEDORA-2020-d50d74d6f2\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T12:25:16.218Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-13671\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T12:38:31.133573Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-01-18\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-01-18T00:00:00+00:00\", \"value\": \"CVE-2020-13671 added to CISA KEV\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-434\", \"description\": \"CWE-434 Unrestricted Upload of File with Dangerous Type\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T12:36:46.929Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Drupal\", \"product\": \"Drupal Core\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.0 versions prior to 9.0.8\"}, {\"status\": \"affected\", \"version\": \"8.9 versions prior to 8.9.9\"}, {\"status\": \"affected\", \"version\": \"8.8 versions prior to 8.8.11\"}, {\"status\": \"affected\", \"version\": \"7 versions prior to 7.74\"}]}], \"references\": [{\"url\": \"https://www.drupal.org/sa-core-2020-012\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\", \"name\": \"FEDORA-2020-6f1079934c\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\", \"name\": \"FEDORA-2020-d50d74d6f2\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote code execution\"}]}], \"providerMetadata\": {\"orgId\": \"2c85b837-eb8b-40ed-9d74-228c62987387\", \"shortName\": \"drupal\", \"dateUpdated\": \"2020-12-15T03:06:07.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"9.0 versions prior to 9.0.8\"}, {\"version_value\": \"8.9 versions prior to 8.9.9\"}, {\"version_value\": \"8.8 versions prior to 8.8.11\"}, {\"version_value\": \"7 versions prior to 7.74\"}]}, \"product_name\": \"Drupal Core\"}]}, \"vendor_name\": \"Drupal\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.drupal.org/sa-core-2020-012\", \"name\": \"https://www.drupal.org/sa-core-2020-012\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/\", \"name\": \"FEDORA-2020-6f1079934c\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/\", \"name\": \"FEDORA-2020-d50d74d6f2\", \"refsource\": \"FEDORA\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote code execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-13671\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@drupal.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-13671\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-30T01:45:31.654Z\", \"dateReserved\": \"2020-05-28T00:00:00.000Z\", \"assignerOrgId\": \"2c85b837-eb8b-40ed-9d74-228c62987387\", \"datePublished\": \"2020-11-20T15:40:39.000Z\", \"assignerShortName\": \"drupal\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2020-13671

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-13671

Aliases

CVE-2020-13671

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-13671",
    "description": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.",
    "id": "GSD-2020-13671"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-13671"
      ],
      "details": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.",
      "id": "GSD-2020-13671",
      "modified": "2023-12-13T01:21:47.278026Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2020-13671",
      "dateAdded": "2022-01-18",
      "dueDate": "2022-07-18",
      "product": "Drupal core",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Improper sanitization in the extension file names is present in Drupal core.",
      "vendorProject": "Drupal",
      "vulnerabilityName": "Drupal core Un-restricted Upload of File"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@drupal.org",
        "ID": "CVE-2020-13671",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Drupal Core",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "9.0 versions prior to 9.0.8"
                        },
                        {
                          "version_value": "8.9 versions prior to 8.9.9"
                        },
                        {
                          "version_value": "8.8 versions prior to 8.8.11"
                        },
                        {
                          "version_value": "7 versions prior to 7.74"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Drupal"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote code execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.drupal.org/sa-core-2020-012",
            "refsource": "CONFIRM",
            "url": "https://www.drupal.org/sa-core-2020-012"
          },
          {
            "name": "FEDORA-2020-6f1079934c",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
          },
          {
            "name": "FEDORA-2020-d50d74d6f2",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=7.0,\u003c7.74||\u003e=8.8,\u003c8.8.11||\u003e=8.9,\u003c8.9.9||\u003e=9.0,\u003c9.0.8",
          "affected_versions": "All versions starting from 7.0 before 7.74, all versions starting from 8.8 before 8.8.11, all versions starting from 8.9 before 8.9.9, all versions starting from 9.0 before 9.0.8",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-434",
            "CWE-937"
          ],
          "date": "2020-12-15",
          "description": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations.",
          "fixed_versions": [
            "8.0.0",
            "8.8.11",
            "8.9.9",
            "9.0.8"
          ],
          "identifier": "CVE-2020-13671",
          "identifiers": [
            "CVE-2020-13671"
          ],
          "not_impacted": "All versions before 7.0, all versions starting from 7.74 before 8.8, all versions starting from 8.8.11 before 8.9, all versions starting from 8.9.9 before 9.0, all versions starting from 9.0.8",
          "package_slug": "packagist/drupal/core-recommended",
          "pubdate": "2020-11-20",
          "solution": "Upgrade to versions 8.0.0, 8.8.11, 8.9.9, 9.0.8 or above.",
          "title": "Unrestricted Upload of File with Dangerous Type",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-13671",
            "https://www.drupal.org/sa-core-2020-012"
          ],
          "uuid": "9184d517-6159-4fcf-a5ad-3371254c78b0"
        },
        {
          "affected_range": "\u003e=7.0,\u003c7.74||\u003e=8.8,\u003c8.8.11||\u003e=8.9,\u003c8.9.9||\u003e=9.0,\u003c9.0.8",
          "affected_versions": "All versions starting from 7.0 before 7.74, all versions starting from 8.8 before 8.8.11, all versions starting from 8.9 before 8.9.9, all versions starting from 9.0 before 9.0.8",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-434",
            "CWE-937"
          ],
          "date": "2020-12-15",
          "description": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations",
          "fixed_versions": [
            "7.74",
            "8.8.11",
            "8.9.9",
            "9.0.8"
          ],
          "identifier": "CVE-2020-13671",
          "identifiers": [
            "CVE-2020-13671"
          ],
          "not_impacted": "All versions before 7.0, all versions starting from 7.74 before 8.8, all versions starting from 8.8.11 before 8.9, all versions starting from 8.9.9 before 9.0, all versions starting from 9.0.8",
          "package_slug": "packagist/drupal/core",
          "pubdate": "2020-11-20",
          "solution": "Upgrade to versions 7.74, 8.8.11, 8.9.9, 9.0.8 or above.",
          "title": "Unrestricted Upload of File with Dangerous Type",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-13671",
            "https://www.drupal.org/sa-core-2020-012"
          ],
          "uuid": "4d175371-16e3-48b4-b34e-225290203029"
        },
        {
          "affected_range": "\u003e=7.0,\u003c7.74||\u003e=8.8,\u003c8.8.11||\u003e=8.9,\u003c8.9.9||\u003e=9.0,\u003c9.0.8",
          "affected_versions": "All versions starting from 7.0 before 7.74, all versions starting from 8.8 before 8.8.11, all versions starting from 8.9 before 8.9.9, all versions starting from 9.0 before 9.0.8",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-434",
            "CWE-937"
          ],
          "date": "2020-12-15",
          "description": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations",
          "fixed_versions": [
            "9.0.8",
            "8.9.9",
            "8.8.11",
            "7.74"
          ],
          "identifier": "CVE-2020-13671",
          "identifiers": [
            "CVE-2020-13671"
          ],
          "not_impacted": "All versions before 7.0, all versions starting from 7.74 before 8.8, all versions starting from 8.8.11 before 8.9, all versions starting from 8.9.9 before 9.0, all versions starting from 9.0.8",
          "package_slug": "packagist/drupal/drupal",
          "pubdate": "2020-11-20",
          "solution": "Upgrade to versions 7.74, 8.8.11, 8.9.9, 9.0.8, or above",
          "title": "Unrestricted Upload of File with Dangerous Type",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-13671",
            "https://www.drupal.org/sa-core-2020-012"
          ],
          "uuid": "3f077eab-0ce2-422e-862a-dae26c887929"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.74",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.8.11",
                "versionStartIncluding": "8.8",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.9.9",
                "versionStartIncluding": "8.9",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0.8",
                "versionStartIncluding": "9.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@drupal.org",
          "ID": "CVE-2020-13671"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-434"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.drupal.org/sa-core-2020-012",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.drupal.org/sa-core-2020-012"
            },
            {
              "name": "FEDORA-2020-6f1079934c",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
            },
            {
              "name": "FEDORA-2020-d50d74d6f2",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-01-01T18:19Z",
      "publishedDate": "2020-11-20T16:15Z"
    }
  }
}

FKIE_CVE-2020-13671

Vulnerability from fkie_nvd - Published: 2020-11-20 16:15 - Updated: 2025-11-03 18:06

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
mlhess@drupal.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/	Mailing List, Release Notes
mlhess@drupal.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/	Mailing List, Release Notes
mlhess@drupal.org	https://www.drupal.org/sa-core-2020-012	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/	Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/	Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://www.drupal.org/sa-core-2020-012	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671	US Government Resource

Impacted products

Vendor	Product	Version
drupal	drupal	*
drupal	drupal	*
drupal	drupal	*
drupal	drupal	*
fedoraproject	fedora	32
fedoraproject	fedora	33

JSON

To clipboard

{
  "cisaActionDue": "2022-07-18",
  "cisaExploitAdd": "2022-01-18",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Drupal core Un-restricted Upload of File",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32D3B8C5-C846-4F40-952A-004E52A44A85",
              "versionEndExcluding": "7.74",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69011CB4-0D3B-451C-B371-55A5EBD182A7",
              "versionEndExcluding": "8.8.11",
              "versionStartIncluding": "8.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE747DB-3EEA-4A49-BCDE-1188C578DED9",
              "versionEndExcluding": "8.9.9",
              "versionStartIncluding": "8.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBB48D3F-1877-427E-8E75-82E7A6D1FC84",
              "versionEndExcluding": "9.0.8",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74."
    },
    {
      "lang": "es",
      "value": "Drupal core no sanea apropiadamente determinados nombres de archivo en los archivos cargados, lo que puede conllevar a unos archivos ser interpretados como la extensi\u00f3n incorrecta y servir como el tipo MIME incorrecto o ser ejecutados como PHP para determinadas configuraciones de alojamiento.\u0026#xa0;Este problema afecta: Drupal Drupal Core versiones 9.0 anteriores a 9.0.8, versiones 8.9 anteriores a 8.9.9, versiones 8.8 anteriores a 8.8.11 y  versiones 7 anteriores a 7.74"
    }
  ],
  "id": "CVE-2020-13671",
  "lastModified": "2025-11-03T18:06:21.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-11-20T16:15:15.433",
  "references": [
    {
      "source": "mlhess@drupal.org",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
    },
    {
      "source": "mlhess@drupal.org",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
    },
    {
      "source": "mlhess@drupal.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.drupal.org/sa-core-2020-012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.drupal.org/sa-core-2020-012"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671"
    }
  ],
  "sourceIdentifier": "mlhess@drupal.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-68JC-V27H-VHMW

Vulnerability from github – Published: 2021-10-12 16:28 – Updated: 2025-10-22 17:59

Summary

Drupal core Unrestricted Upload of File with Dangerous Type

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.9.0"
            },
            {
              "fixed": "8.9.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.8.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.74"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.74"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.8.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.9.0"
            },
            {
              "fixed": "8.9.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-13671"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-434"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-10-08T22:20:20Z",
    "nvd_published_at": "2020-11-20T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.",
  "id": "GHSA-68jc-v27h-vhmw",
  "modified": "2025-10-22T17:59:37Z",
  "published": "2021-10-12T16:28:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13671"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13671.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13671.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/drupal/core"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671"
    },
    {
      "type": "WEB",
      "url": "https://www.drupal.org/sa-core-2020-012"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Drupal core Unrestricted Upload of File with Dangerous Type"
}

CERTFR-2020-AVI-760

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Drupal Core. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Drupal versions 9.x antérieures à 9.0.8
Drupal versions 8.9.x antérieures à 8.9.9
Drupal versions 8.8.x antérieures à 8.8.11
Drupal versions 7.x antérieures à 7.74

L'éditeur ne maintient plus les versions 8.x antérieures à 8.8. Les utilisateurs d'une version obsolète doivent préalablement mettre à jour Drupal pour bénéficier de tous les correctifs de sécurité.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Drupal sa-core-2020-012 du 19 novembre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eDrupal versions 9.x ant\u00e9rieures \u00e0 9.0.8\u003c/li\u003e \u003cli\u003eDrupal versions 8.9.x ant\u00e9rieures \u00e0 8.9.9\u003c/li\u003e \u003cli\u003eDrupal versions 8.8.x ant\u00e9rieures \u00e0 8.8.11\u003c/li\u003e \u003cli\u003eDrupal versions 7.x ant\u00e9rieures \u00e0 7.74\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne maintient plus les versions 8.x ant\u00e9rieures \u00e0 8.8. Les utilisateurs d\u0027une version obsol\u00e8te doivent pr\u00e9alablement mettre \u00e0 jour Drupal pour b\u00e9n\u00e9ficier de tous les correctifs de s\u00e9curit\u00e9.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-13671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13671"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-760",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-11-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Drupal Core. Elle permet \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Drupal Core",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Drupal sa-core-2020-012 du 19 novembre 2020",
      "url": "https://www.drupal.org/sa-core-2020-012"
    }
  ]
}

CERTFR-2020-AVI-760

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Drupal Core. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Drupal versions 9.x antérieures à 9.0.8
Drupal versions 8.9.x antérieures à 8.9.9
Drupal versions 8.8.x antérieures à 8.8.11
Drupal versions 7.x antérieures à 7.74

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Drupal sa-core-2020-012 du 19 novembre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eDrupal versions 9.x ant\u00e9rieures \u00e0 9.0.8\u003c/li\u003e \u003cli\u003eDrupal versions 8.9.x ant\u00e9rieures \u00e0 8.9.9\u003c/li\u003e \u003cli\u003eDrupal versions 8.8.x ant\u00e9rieures \u00e0 8.8.11\u003c/li\u003e \u003cli\u003eDrupal versions 7.x ant\u00e9rieures \u00e0 7.74\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne maintient plus les versions 8.x ant\u00e9rieures \u00e0 8.8. Les utilisateurs d\u0027une version obsol\u00e8te doivent pr\u00e9alablement mettre \u00e0 jour Drupal pour b\u00e9n\u00e9ficier de tous les correctifs de s\u00e9curit\u00e9.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-13671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13671"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-760",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-11-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Drupal Core. Elle permet \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Drupal Core",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Drupal sa-core-2020-012 du 19 novembre 2020",
      "url": "https://www.drupal.org/sa-core-2020-012"
    }
  ]
}

WID-SEC-W-2024-1938

Vulnerability from csaf_certbund - Published: 2020-11-18 23:00 - Updated: 2024-09-03 22:00

Summary

Drupal: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Drupal ist ein freies Content-Management-System, basierend auf der Scriptsprache PHP und einer SQL-Datenbank. Über zahlreiche Extensions kann der Funktionsumfang der Core-Installation individuell erweitert werden.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Drupal ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen.

Betroffene Betriebssysteme

- Linux - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Drupal ist ein freies Content-Management-System, basierend auf der Scriptsprache PHP und einer SQL-Datenbank. \u00dcber zahlreiche Extensions kann der Funktionsumfang der Core-Installation individuell erweitert werden.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Drupal ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1938 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-1938.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1938 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1938"
      },
      {
        "category": "external",
        "summary": "Drupal Security Advisory vom 2020-11-18",
        "url": "https://www.drupal.org/sa-core-2020-012"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-2458 vom 2020-11-19",
        "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00035.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6981-1 vom 2024-08-27",
        "url": "https://ubuntu.com/security/notices/USN-6981-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6981-2 vom 2024-09-03",
        "url": "https://ubuntu.com/security/notices/USN-6981-2"
      }
    ],
    "source_lang": "en-US",
    "title": "Drupal: Schwachstelle erm\u00f6glicht Ausf\u00fchren von beliebigem Programmcode mit den Rechten des Dienstes",
    "tracking": {
      "current_release_date": "2024-09-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-09-04T09:12:00.560+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.6"
        }
      },
      "id": "WID-SEC-W-2024-1938",
      "initial_release_date": "2020-11-18T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2020-11-18T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2020-11-19T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2020-12-07T23:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: FEDORA-2020-D50D74D6F2, FEDORA-2020-6F1079934C"
        },
        {
          "date": "2021-10-12T22:00:00.000+00:00",
          "number": "4",
          "summary": "Referenz(en) aufgenommen: GHSA-68JC-V27H-VHMW"
        },
        {
          "date": "2024-08-27T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-09-03T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "6"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.0.8",
                "product": {
                  "name": "Open Source Drupal \u003c9.0.8",
                  "product_id": "T017735"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.8",
                "product": {
                  "name": "Open Source Drupal 9.0.8",
                  "product_id": "T017735-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:drupal:drupal:9.0.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.9.9",
                "product": {
                  "name": "Open Source Drupal \u003c8.9.9",
                  "product_id": "T017736"
                }
              },
              {
                "category": "product_version",
                "name": "8.9.9",
                "product": {
                  "name": "Open Source Drupal 8.9.9",
                  "product_id": "T017736-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:drupal:drupal:8.9.9"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.8.11",
                "product": {
                  "name": "Open Source Drupal \u003c8.8.11",
                  "product_id": "T017737"
                }
              },
              {
                "category": "product_version",
                "name": "8.8.11",
                "product": {
                  "name": "Open Source Drupal 8.8.11",
                  "product_id": "T017737-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:drupal:drupal:8.8.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.74",
                "product": {
                  "name": "Open Source Drupal \u003c7.74",
                  "product_id": "T017738"
                }
              },
              {
                "category": "product_version",
                "name": "7.74",
                "product": {
                  "name": "Open Source Drupal 7.74",
                  "product_id": "T017738-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:drupal:drupal:7.74"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Drupal"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-13671",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Drupal. W\u00e4hrend des Hochladens werden Dateien nur unzureichend auf b\u00f6swillige Erweiterungen \u00fcberpr\u00fcft. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um sch\u00e4dliche PHP-Dateien hochzuladen und auf dem Server zur Ausf\u00fchrung zu bringen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T000126",
          "T017735",
          "T017736",
          "T017737",
          "T017738"
        ]
      },
      "release_date": "2020-11-18T23:00:00.000+00:00",
      "title": "CVE-2020-13671"
    }
  ]
}

CNVD-2020-64563

Vulnerability from cnvd - Published: 2020-11-19

Title

Drupal远程代码执行漏洞（CNVD-2020-64563）

Description

Drupal是Drupal社区的一套使用PHP语言开发的开源内容管理系统。 Drupal存在远程代码执行漏洞。该漏洞是由于Drupal core未能正确地处理上传文件中的某些文件名，攻击者可利用漏洞通过上传恶意文件，在某些特定的配置下可能会被当作php解析，从而导致远程代码执行。

Severity

高

Patch Name

Drupal远程代码执行漏洞（CNVD-2020-64563）的补丁

Patch Description

Drupal是Drupal社区的一套使用PHP语言开发的开源内容管理系统。 Drupal存在远程代码执行漏洞。该漏洞是由于Drupal core未能正确地处理上传文件中的某些文件名，攻击者可利用漏洞通过上传恶意文件，在某些特定的配置下可能会被当作php解析，从而导致远程代码执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://www.drupal.org/sa-core-2020-012

Reference

https://www.drupal.org/sa-core-2020-012

Impacted products

Name
['Drupal Drupal 9.0.8', 'Drupal Drupal 8.9.9', 'Drupal Drupal 8.8.11', 'Drupal Drupal 7.7.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-13671"
    }
  },
  "description": "Drupal\u662fDrupal\u793e\u533a\u7684\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u5f00\u6e90\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\u3002\n\nDrupal\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8eDrupal core\u672a\u80fd\u6b63\u786e\u5730\u5904\u7406\u4e0a\u4f20\u6587\u4ef6\u4e2d\u7684\u67d0\u4e9b\u6587\u4ef6\u540d\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u901a\u8fc7\u4e0a\u4f20\u6076\u610f\u6587\u4ef6\uff0c\u5728\u67d0\u4e9b\u7279\u5b9a\u7684\u914d\u7f6e\u4e0b\u53ef\u80fd\u4f1a\u88ab\u5f53\u4f5cphp\u89e3\u6790\uff0c\u4ece\u800c\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.drupal.org/sa-core-2020-012",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-64563",
  "openTime": "2020-11-19",
  "patchDescription": "Drupal\u662fDrupal\u793e\u533a\u7684\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u5f00\u6e90\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nDrupal\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8eDrupal core\u672a\u80fd\u6b63\u786e\u5730\u5904\u7406\u4e0a\u4f20\u6587\u4ef6\u4e2d\u7684\u67d0\u4e9b\u6587\u4ef6\u540d\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u901a\u8fc7\u4e0a\u4f20\u6076\u610f\u6587\u4ef6\uff0c\u5728\u67d0\u4e9b\u7279\u5b9a\u7684\u914d\u7f6e\u4e0b\u53ef\u80fd\u4f1a\u88ab\u5f53\u4f5cphp\u89e3\u6790\uff0c\u4ece\u800c\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Drupal\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2020-64563\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Drupal Drupal 9.0.8",
      "Drupal Drupal 8.9.9",
      "Drupal Drupal 8.8.11",
      "Drupal Drupal 7.7.4"
    ]
  },
  "referenceLink": "https://www.drupal.org/sa-core-2020-012",
  "serverity": "\u9ad8",
  "submitTime": "2020-11-19",
  "title": "Drupal\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2020-64563\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-13671 (GCVE-0-2020-13671)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

GSD-2020-13671

FKIE_CVE-2020-13671

GHSA-68JC-V27H-VHMW

CERTFR-2020-AVI-760

Solution

CERTFR-2020-AVI-760

Solution

WID-SEC-W-2024-1938

CNVD-2020-64563

Tags

Sightings

Nomenclature