Platform: java
Component: xwiki-platform
Fixed in: 7.2.1
CVE-2020-11057 is a critical Remote Code Execution (RCE) vulnerability affecting XWiki Platform versions 7.2 through 11.10.2. This vulnerability allows registered users lacking scripting permissions to execute Python or Groovy scripts while editing their personal dashboards, potentially leading to complete system compromise. The vulnerability has been resolved in versions 11.3.7, 11.10.3, and 12.0.
The impact of CVE-2020-11057 is severe. An attacker can leverage this vulnerability to execute arbitrary code on the XWiki server with the privileges of the user editing the dashboard. This could lead to data exfiltration, system takeover, and potentially lateral movement within the network if the XWiki server has access to other resources. The ability to execute arbitrary code opens the door to a wide range of malicious activities, including installing malware, modifying data, and disrupting services. The ease of exploitation, requiring only a registered user account, significantly expands the potential attack surface.
CVE-2020-11057 was publicly disclosed on May 12, 2020. While no active exploitation campaigns have been definitively linked to this CVE, the ease of exploitation and the critical severity make it a high-priority target. No KEV listing is currently available. Public proof-of-concept exploits are available, demonstrating the vulnerability's ease of exploitation.
Organizations using XWiki Platform in environments where user dashboards are extensively used and where users have been granted permissions that allow script execution are particularly at risk. Shared hosting environments where multiple users share the same XWiki instance are also vulnerable, as a compromised user account could potentially impact other users.
• java / server: ps -ef | grep -i xwiki
• java / server: journalctl -u xwiki -f | grep -i "script execution"
• generic web: curl -I <xwiki_url>/xwiki/bin/view/Main/Dashboard
• generic web: Check XWiki server logs for unusual script execution attempts or errors related to script parsing.
Disclosure
Patch
Exploit status
EPSS: 1.75% (83rd percentile)
CVSS vector
The primary mitigation for CVE-2020-11057 is to upgrade XWiki Platform to version 11.10.3 or later, or to version 12.0. If immediate upgrading is not possible, consider restricting user permissions to prevent script execution within dashboards. Implement strict input validation and sanitization on all user-supplied data. Review existing dashboards for any suspicious scripts. After upgrading, verify the fix by attempting to execute a script within a user's dashboard with a non-privileged account; the script should be rejected.
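To make the affected and fixed versions stated above checkable against an actual deployment, the following is an added example (not code from the advisory or from the XWiki project). It assumes that the 11.3.7 fix applies only to the 11.3.x branch (so 11.4.0 through 11.10.2 remain affected), that XWiki Platform dependencies in a pom.xml use the groupId org.xwiki.platform, and that the sample pom.xml is constructed for illustration.

```python
"""Check whether an XWiki Platform version falls in the range affected by
CVE-2020-11057: affected 7.2 through 11.10.2, fixed in 11.3.7, 11.10.3 and 12.0.
ASSUMPTION: 11.3.7 fixes only the 11.3.x branch, so 11.4.0 through 11.10.2
stay affected; 11.10.3 and later and 12.0 and later are clean."""
import xml.etree.ElementTree as ET


def parse_version(text):
    """'11.10.2' -> (11, 10, 2); '12.0' -> (12, 0, 0). A pre-release suffix
    such as '-rc-1' is stripped (assumption: treated like the final release)."""
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError("not a numeric XWiki version: %r" % text)
    nums = [int(p) for p in parts] + [0, 0]
    return tuple(nums[:3])


def is_affected(version):
    """True if the version is inside the affected range and not a fixed release."""
    v = parse_version(version)
    if v < (7, 2, 0) or v >= (12, 0, 0):
        return False
    if v[:2] == (11, 3) and v >= (11, 3, 7):  # 11.3.x branch backport of the fix
        return False
    return v < (11, 10, 3)  # 11.10.3 and later 11.x releases carry the fix


def xwiki_version_from_pom(pom_xml):
    """Return the version of the first org.xwiki.platform dependency (assumed
    groupId) in a pom.xml string, or None. XML namespaces are ignored."""
    root = ET.fromstring(pom_xml)
    for dep in root.iter():
        if dep.tag.split("}")[-1] != "dependency":
            continue
        fields = {c.tag.split("}")[-1]: (c.text or "").strip() for c in dep}
        if fields.get("groupId") == "org.xwiki.platform":
            return fields.get("version")
    return None


# Constructed sample pom.xml pinning an affected release.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <dependencies>
    <dependency>
      <groupId>org.xwiki.platform</groupId>
      <artifactId>xwiki-platform-oldcore</artifactId>
      <version>11.10.2</version>
    </dependency>
  </dependencies>
</project>"""

if __name__ == "__main__":
    found = xwiki_version_from_pom(SAMPLE_POM)
    print(found, "affected" if is_affected(found) else "not affected")
```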
Upgrade XWiki Platform to version 11.3.7, 11.10.3 or 12.0 to fix the code injection vulnerability. This prevents registered users without scripting permissions from executing unauthorized scripts while editing personal dashboards.
CVE-2020-11057 is a critical Remote Code Execution vulnerability in XWiki Platform versions 7.2 through 11.10.2, allowing unauthorized script execution.
If you are running XWiki Platform versions 7.2 through 11.10.2, you are potentially affected by this vulnerability. Upgrade to a patched version immediately.
Upgrade XWiki Platform to version 11.10.3 or 12.0. As a temporary workaround, restrict user permissions to prevent script execution in dashboards.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation make it a high-priority target.
Refer to the official XWiki security advisory: https://www.xwiki.com/en/security/advisories/XW-SA-2020-004/