FKIE_CVE-2017-10993

Vulnerability from fkie_nvd - Published: 2017-07-21 06:29 - Updated: 2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
References
cve@mitre.orghttps://contao.org/en/news/contao-3_5_28.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://contao.org/en/news/contao-3_5_28.htmlVendor Advisory
Impacted products
Vendor Product Version
contao contao_cms *
contao contao_cms 4.0.0
contao contao_cms 4.0.0
contao contao_cms 4.0.0
contao contao_cms 4.0.1
contao contao_cms 4.0.2
contao contao_cms 4.0.3
contao contao_cms 4.0.4
contao contao_cms 4.1.0
contao contao_cms 4.1.0
contao contao_cms 4.1.0
contao contao_cms 4.1.1
contao contao_cms 4.1.2
contao contao_cms 4.1.3
contao contao_cms 4.2.0
contao contao_cms 4.2.0
contao contao_cms 4.2.0
contao contao_cms 4.2.1
contao contao_cms 4.2.2
contao contao_cms 4.2.3
contao contao_cms 4.2.4
contao contao_cms 4.2.5
contao contao_cms 4.3.0
contao contao_cms 4.3.0
contao contao_cms 4.3.1
contao contao_cms 4.3.2
contao contao_cms 4.3.3
contao contao_cms 4.3.5
contao contao_cms 4.3.6
contao contao_cms 4.3.7
contao contao_cms 4.3.8
contao contao_cms 4.3.9
contao contao_cms 4.3.10
contao contao_cms 4.3.11
contao contao_cms 4.4.0
contao contao_cms 4.4.0
contao contao_cms 4.4.0
contao contao_cms 4.4.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "345EFF44-3226-4823-92C5-3E94043A0384",
              "versionEndIncluding": "3.5.27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A36BE117-EB7C-416B-A0C8-FAD70E65C7F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "63498341-5F80-4552-A533-3DA0C398FEA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D08FA6D9-CFF9-496A-A4E3-35CFBB832802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45C3808-BEDF-403A-A972-630067B29525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "590812CA-69C8-433B-B95E-F9419655E950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE4F7CE-9A04-4A84-9C45-28DC84A386BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C978D3A-B6B3-4BD7-9C49-F5D9C076B498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "50F00A7E-AE29-40CA-AE6B-D5FEBE483CB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.1.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "F57CC647-3B81-475D-A4A3-499D223941F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.1.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D0473068-D670-41FE-AFCD-0B14E9EC8705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD176B3F-51E2-4BC0-9C34-116C2532F2D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB7FC43-D899-4AF2-B48B-CA689D8E0E60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3856C8EA-96A6-4164-BA6B-C7B2827416C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7B0B82-B936-4283-BB12-16E4CD1024A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "F67D76B5-92C0-4403-9F7C-DB91C0A8E52B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "103492BC-2152-41D6-9A3D-EE95AE5AE8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E9C0D4-3DC2-4AB6-BE48-FBAB387FF24A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "228151A7-BBC0-413C-9220-05D3F45D148F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49A00DDA-346C-476F-832B-D0DA9B8CB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "563EA1E3-ECB2-454B-BC0D-5E7AFE2A1566",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A33B5AE6-7AD8-4F7A-8E72-21962C601E82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5239F9C4-1601-477D-9CB4-C95586BB3F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "45C8E022-7F37-4BFA-9D28-C083ADE58CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "479DEA11-6158-476F-AEC6-2BED5AC3FC5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "75BE9E24-F0EA-4D5F-B172-92EBE3FC8F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4728FDD-09FD-4752-AC10-BEA4BFC3C16C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBD2BD2-341E-4332-8A78-8973895A8C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA95607-828A-4FBB-818F-D22DBD4A19DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E145183E-26DD-435B-B060-8E3F17F0EA7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3036F-A8BA-402F-9F94-E5A8CA880606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "47FE8357-7569-4F12-847B-F615BBB75486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA64EC0D-FACA-4683-84AA-8288BECD376D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE3E158-9C34-490E-8858-F887A98AFB9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3759FE91-B5BF-4DAD-B972-FB23C5FE12C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.4.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "45C095B1-09F3-43EE-9738-8157ED74A5F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.4.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0D08445B-DCB8-416A-A0E1-62D9E1E68B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:contao:contao_cms:4.4.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "1A176687-80CF-4159-97CA-05B332F5E295",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal."
    },
    {
      "lang": "es",
      "value": "Contao anterior a versi\u00f3n 3.5.28 y versi\u00f3n 4.x anterior a 4.4.1, permite que los atacantes remotos incluyan y ejecuten archivos PHP locales arbitrarios por medio de un par\u00e1metro creado en una URL, tambi\u00e9n se conoce como Salto de Directorio."
    }
  ],
  "id": "CVE-2017-10993",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-21T06:29:00.200",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://contao.org/en/news/contao-3_5_28.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://contao.org/en/news/contao-3_5_28.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.