drupal
Fixed in
8.0.1
8.7.5
CVE-2019-6342 (Drupal security advisory SA-CORE-2019-008) is an access bypass vulnerability in Drupal core. When the experimental Workspaces module is installed, access checks can be bypassed, exposing content and functionality that the site's access control is meant to restrict. Only Drupal core 8.7.4 is affected; the fix shipped in 8.7.5, and uninstalling the Workspaces module mitigates the issue on sites that cannot upgrade immediately.
The Drupal security team rated the issue Critical. An attacker who exploits it can reach content and operations that the site's access control would otherwise deny; depending on what the site restricts, that can mean reading unpublished or private content, or creating, modifying and deleting content, and any such foothold can be used to work toward a broader compromise. The exposure exists only when Workspaces is installed. The module lets editors stage content changes in isolated workspaces before publishing them, so a site using it is likely to hold exactly the unpublished content the bypass exposes. The advisory does not describe the bypass as granting administrative privileges, so treat it as an access-control failure around content rather than a full takeover primitive.
The Drupal advisory SA-CORE-2019-008 was published on July 17, 2019, alongside the 8.7.5 security release; the CVE record itself was published on January 11, 2024, which is the date some vulnerability databases show for it. No active exploitation campaigns have been publicly linked to this vulnerability, no widely circulated public proof-of-concept exploit is known, and it is not listed in the CISA KEV catalog as of this writing. Because the vulnerable configuration is a single release from 2019, the practical risk today is concentrated in unmaintained sites still running 8.7.4 with Workspaces installed.
Sites running Drupal core 8.7.4 with the Workspaces module installed are affected. Sites on 8.7.3 or earlier, or on 8.7.5 or later, are not affected by this particular issue. The risk is highest where workspaces hold unpublished or sensitive content, or where the site relies on content access restrictions. The hosting arrangement does not change the exposure: each vulnerable instance is affected on its own, whether it runs on dedicated or shared infrastructure.
• drupal: Check the Drupal core version with `drush status --field=drupal-version` (on composer-managed sites, `composer show drupal/core` gives the same answer; `drush --version` reports the Drush version, not Drupal's). Only 8.7.4 is affected; 8.7.5 and later carry the fix.
• drupal: Check whether the Workspaces module is installed with `drush pm:list --type=module --status=enabled | grep -i workspaces`. If it is, and you cannot upgrade right away, uninstall it (`drush pm:uninstall workspaces`) as a temporary mitigation. In Drupal 8 there is no separate "disable" state, so back up the database first: uninstalling removes the module's configuration and data.
• generic web: Drupal writes its own log to the database log (Recent log messages at /admin/reports/dblog, or `drush watchdog:show`) and, if the Syslog module is enabled, to syslog; the web server's error log (for example /var/log/apache2/error.log) only records server-level failures. Review the Drupal log and the web server access log for content being viewed, created, edited or deleted by accounts that should not have that access, especially content that only exists in a workspace.
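The checks above decide affectedness from two facts: the exact core version and whether Workspaces is installed. Both can be read offline from files copied off a host, which is useful when auditing many sites or a backup rather than a live install. The following script is an added example written for this page, not code from Drupal or the advisory. It assumes the real layouts of three Drupal files: `composer.lock` (a `drupal/core` entry under `packages`), `core/lib/Drupal.php` (the `const VERSION` constant) and an exported `core.extension.yml` (installed modules as `name: weight` pairs under `module:`). The sample inputs at the bottom are constructed for the example, not taken from a real site.

```python
"""Offline checks for the CVE-2019-6342 vulnerable configuration.

A site is affected only when Drupal core is exactly 8.7.4 *and* the
Workspaces module is installed. Everything needed to decide that can be
read from files copied off the host: composer.lock (composer-managed
sites), core/lib/Drupal.php (any site), and an exported
core.extension.yml (the config object that records installed modules).
"""
import json
import re

VULNERABLE_CORE = "8.7.4"       # per SA-CORE-2019-008, only this release is affected
WORKSPACES_MODULE = "workspaces"

# Matches `const VERSION = '8.7.4';` in core/lib/Drupal.php.
_DRUPAL_PHP_VERSION = re.compile(r"const\s+VERSION\s*=\s*'([^']+)'")


def core_version_from_composer_lock(lock_text):
    """Return the drupal/core version recorded in composer.lock, or None."""
    data = json.loads(lock_text)
    for pkg in data.get("packages", []):
        if pkg.get("name") == "drupal/core":
            return pkg["version"].lstrip("v")
    return None


def core_version_from_drupal_php(php_text):
    """Return the VERSION constant from core/lib/Drupal.php, or None."""
    match = _DRUPAL_PHP_VERSION.search(php_text)
    return match.group(1) if match else None


def installed_modules_from_core_extension(yml_text):
    """Return the set of module machine names listed under the top-level `module:` key.

    Deliberately line-based so it needs no YAML library: core.extension.yml
    is a flat map of `name: weight` pairs under `module:`.
    """
    modules = set()
    in_module_block = False
    for line in yml_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if not line[0].isspace():           # a new top-level key
            in_module_block = stripped == "module:"
            continue
        if in_module_block:
            modules.add(stripped.split(":", 1)[0])
    return modules


def assess(core_version, installed_modules):
    """Combine the two facts into a verdict with a one-line reason."""
    if core_version is None:
        return {"status": "unknown", "reason": "could not determine Drupal core version"}
    if core_version != VULNERABLE_CORE:
        return {"status": "not affected",
                "reason": f"core {core_version} is not {VULNERABLE_CORE}"}
    if WORKSPACES_MODULE in installed_modules:
        return {"status": "vulnerable",
                "reason": "core 8.7.4 with Workspaces installed; upgrade to 8.7.5 or uninstall Workspaces"}
    return {"status": "mitigated",
            "reason": "core 8.7.4 but Workspaces is not installed; upgrade remains advisable"}


# --- Constructed sample inputs (made up for this example, not from a real site) ---
SAMPLE_COMPOSER_LOCK = json.dumps({
    "packages": [
        {"name": "drupal/core", "version": "8.7.4"},
        {"name": "symfony/http-kernel", "version": "v3.4.26"},
    ]
})

SAMPLE_DRUPAL_PHP = """<?php
class Drupal {
  const VERSION = '8.7.4';
}
"""

SAMPLE_CORE_EXTENSION = """module:
  block: 0
  node: 0
  workspaces: 0
  user: 0
theme:
  bartik: 0
profile: standard
"""


def check_sample():
    """Run the checks against the constructed samples and return the verdict."""
    version = (core_version_from_composer_lock(SAMPLE_COMPOSER_LOCK)
               or core_version_from_drupal_php(SAMPLE_DRUPAL_PHP))
    modules = installed_modules_from_core_extension(SAMPLE_CORE_EXTENSION)
    return assess(version, modules)


if __name__ == "__main__":
    verdict = check_sample()
    print(f"{verdict['status']}: {verdict['reason']}")
```

To use it against a real site, read the three files from the docroot (or from a config export made with `drush config:export`) into the three functions in place of the samples. The version check is an exact match on purpose: the advisory names 8.7.4 alone, so a range comparison would misreport older releases as affected.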
Disclosure
Exploit Status
EPSS
0.20% (42nd percentile)
CVSS vector
The primary mitigation for CVE-2019-6342 is to upgrade Drupal core to 8.7.5 or later. If an immediate upgrade is not possible, uninstalling the Workspaces module removes the vulnerable code path, at the cost of the module's functionality; since Drupal 8 has no separate "disable" state, take a database backup and a config export before uninstalling. Independently of the fix, keep permissions tight and review them regularly so that a future access-control bug exposes as little as possible. After upgrading, confirm that the reported core version is 8.7.5 or later, then verify the fix behaviourally: with a non-administrative test account that has no workspace or content-editing permissions, attempt to view unpublished or workspace-only content and to reach restricted administrative pages; every such request should be denied.
Disable the Workspaces module. This issue only affects Drupal version 8.7.4.
CVE-2019-6342 is a critical access bypass vulnerability in Drupal core 8.7.4 that lets attackers circumvent access controls when the experimental Workspaces module is installed, potentially exposing content and functionality that should be restricted.
You are affected if you are running Drupal core 8.7.4 with the Workspaces module installed. Upgrade to 8.7.5 or later, or uninstall the Workspaces module, to mitigate the risk.
The recommended fix is to upgrade Drupal core to 8.7.5 or later. As a temporary workaround, uninstall the Workspaces module until you can upgrade.
No active exploitation campaigns have been publicly confirmed, but the Critical rating means any site still in the vulnerable configuration should be fixed promptly. Review the Drupal log and web server access logs for content access or changes by accounts that should not have them.
Refer to the official Drupal security advisory SA-CORE-2019-008 for detailed information and updates: https://www.drupal.org/sa-core-2019-008