Vulnerability allows hackers to take over Drupal 8 sites


Drupal's developers notified users yesterday that version 8.7.4 is affected by a serious vulnerability and asked them to update to version 8.7.5, which addresses the problem.

The vulnerability, tracked as CVE-2019-6342, has been rated "critical" severity. Drupal developers use NIST's Common Misuse Scoring System to determine a vulnerability's risk level; on that scale, "critical" is the second-highest rating, after "very critical".

The defect, described as an access bypass issue, can be triggered when the experimental Workspaces module is enabled, and can be exploited to take control of a site.

Dave Botsch discovered the vulnerability and reported it to Drupal's developers; so far there is no evidence of exploitation for malicious purposes. However, this security gap could be a tempting target for attackers, as it affects default/standard configurations, requires no authentication, and needs only minimal user interaction to exploit.

The defect only affects Drupal 8.7.4. Drupal 8.7.3 and earlier, 8.6.x and earlier, and 7.x are not affected. Users who cannot update to version 8.7.5 can prevent possible attacks by disabling the Workspaces module.
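The two conditions above (core version 8.7.4 and the Workspaces module installed) are what an administrator needs to check to know whether a site is exposed. The script below is an added example, not code from the article or from the Drupal project: it reads the core version from the `const VERSION` line that Drupal 8 keeps in `core/lib/Drupal.php` and the installed-module list from an exported `core.extension.yml`, and reports which mitigation applies. The file contents used here are constructed samples.

```python
import re
from typing import Optional, Set

# Constructed sample of core/lib/Drupal.php (only the line that matters is kept).
SAMPLE_DRUPAL_PHP = """<?php
class Drupal {
  const VERSION = '8.7.4';
}
"""

# Constructed sample of an exported config/sync/core.extension.yml.
SAMPLE_CORE_EXTENSION_YML = """module:
  node: 0
  user: 0
  workspaces: 0
theme:
  bartik: 0
profile: standard
"""

AFFECTED_VERSIONS = {"8.7.4"}   # per the advisory, only 8.7.4 is affected
FIXED_VERSION = "8.7.5"

def parse_core_version(drupal_php: str) -> Optional[str]:
    """Extract the VERSION constant from Drupal.php, or None if absent."""
    m = re.search(r"const\s+VERSION\s*=\s*'([^']+)'", drupal_php)
    return m.group(1) if m else None

def parse_enabled_modules(core_extension_yml: str) -> Set[str]:
    """Return module machine names listed under the top-level `module:` key."""
    modules, in_module_block = set(), False
    for line in core_extension_yml.splitlines():
        if re.match(r"^\S", line):               # a new top-level key starts
            in_module_block = line.startswith("module:")
            continue
        if in_module_block:
            m = re.match(r"^\s+([a-z0-9_]+):", line)
            if m:
                modules.add(m.group(1))
    return modules

def assess(drupal_php: str, core_extension_yml: str) -> dict:
    """Decide whether the site matches the CVE-2019-6342 preconditions."""
    version = parse_core_version(drupal_php)
    workspaces = "workspaces" in parse_enabled_modules(core_extension_yml)
    affected = version in AFFECTED_VERSIONS and workspaces
    if affected:
        action = f"update to {FIXED_VERSION}, or uninstall the workspaces module"
    elif version in AFFECTED_VERSIONS:
        action = f"workspaces not installed; still update to {FIXED_VERSION}"
    else:
        action = "not affected by CVE-2019-6342"
    return {"version": version, "workspaces_enabled": workspaces,
            "affected": affected, "action": action}
```

On a live site the same two facts are available from `drush status` (core version) and `drush pm:list --status=enabled`; the config export is used here so the check runs offline.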

The US Department of Homeland Security (DHS) advises users to read Drupal's advisory and take the necessary action.

Exploitation of Drupal vulnerabilities is nothing new. Earlier this year, attackers began exploiting CVE-2019-6340 to distribute cryptocurrency miners and other payloads, just days after the patched code was released.

Last year, too, attackers exploited two vulnerabilities known as Drupalgeddon2 and Drupalgeddon3, using them to distribute RATs, cryptocurrency miners and technical support scams.

Absent Mia