Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1nZmhwLWpncDYtODM4as4AAvIk
Orckestra C1 CMS's deserialization of untrusted data allows for arbitrary code execution.
Impact
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS.
Authentication is required to exploit this vulnerability.
The authenticated user may perform the actions unknowingly by visiting a specially crafted site.
Patches
Patched in C1 CMS v6.13
Workarounds
Upgrade to C1 CMS v6.13 or newer is required
Credit
This issue was discovered and reported by Markus Wulftange / Code White GmbH.
Permalink: https://github.com/advisories/GHSA-gfhp-jgp6-838jJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1nZmhwLWpncDYtODM4as4AAvIk
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: about 2 years ago
Updated: over 1 year ago
CVSS Score: 9.1
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS Percentage: 0.00707
EPSS Percentile: 0.80655
Identifiers: GHSA-gfhp-jgp6-838j, CVE-2022-39256
References:
- https://github.com/Orckestra/C1-CMS-Foundation/security/advisories/GHSA-gfhp-jgp6-838j
- https://nvd.nist.gov/vuln/detail/CVE-2022-39256
- https://github.com/Orckestra/C1-CMS-Foundation/pull/814
- https://github.com/Orckestra/C1-CMS-Foundation/releases/tag/v6.13
- https://github.com/Orckestra/C1-CMS-Foundation/commit/af856ab5a62d19acf6aea1b1f4c6c3c4985c9446
- https://github.com/advisories/GHSA-gfhp-jgp6-838j
Blast Radius: 1.0
Affected Packages
nuget:CompositeC1.Core
Dependent packages: 0Dependent repositories: 0
Downloads: 109,213 total
Affected Version Ranges: < 6.13
Fixed in: 6.13
All affected versions: 4.2.0, 4.2.1, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.3.0, 5.4.0, 5.5.0, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 6.4.0, 6.5.0, 6.6.0, 6.7.0, 6.8.0, 6.9.0, 6.10.0, 6.11.0, 6.12.0
All unaffected versions: 6.13.0