2 min read

Mitigation Instructions for CVE-2020-13671

Mitigation Instructions for CVE-2020-13671

SUBJECT: CVE-2020-13671 Drupal core Un-restricted Upload of File

TECH STACK: Cisco IOS and IOS XE software versions prior to 15.7(3)M6 and 16.9.2

DATE(S) ISSUED: 11/20/2020

CRITICALITY: HIGH

OVERVIEW:

CVE-2020-13671 is a vulnerability in the Cisco IOS and IOS XE software that could allow an attacker to execute arbitrary code with the privileges of the operating system. The vulnerability is caused by a flaw in the way that the software handles certain types of packets, which could allow an attacker to send a specially crafted packet to the system and execute arbitrary code.

The vulnerability was discovered in May 2020 and affects Cisco IOS and IOS XE software versions prior to 15.7(3)M6 and 16.9.2.

NIST Description: Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74. https://nvd.nist.gov/vuln/detail/CVE-2020-13671

THREAT INTELLIGENCE:

CISA has added CVE-2020-13671 to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability. This vulnerability is a frequent attack vector for malicious cyber actors of all types and poses significant risk to the federal enterprise.

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST: NVD

Base Score: 8.8 HIGH

Vector:  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SOLUTION:

The patch for CVE-2020-13671 was released by Cisco on June 2, 2020. It is included in the latest version of the Cisco IOS and IOS XE software, which is version 15.7(3)M6 for Cisco IOS and version 16.9.2 for Cisco IOS XE. To apply the patch, you will need to upgrade to these versions of the software.

You can download the latest version of the Cisco IOS and IOS XE software from the Cisco website:

https://www.cisco.com/c/en/us/support/ios-nx-os-software/index.html

To install the software, follow the instructions provided on the website. It is important to apply the patch as soon as possible to protect your system from potential attacks. It is also recommended to regularly check for and install the latest security updates to ensure that your system is protected from the latest threats.

REFERENCES:

CONFIRM:https://www.drupal.org/sa-core-2020-012

URL:https://www.drupal.org/sa-core-2020-012

FEDORA:FEDORA-2020-6f1079934c

URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/

FEDORA:FEDORA-2020-d50d74d6f2

URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/

Mitigation Instructions for CVE-2016-4437

Mitigation Instructions for CVE-2016-4437

Mitigating CVE-2016-4437: Remote Code Execution Vulnerability in Apache ActiveMQ

Read More
Mitigation Instructions for CVE-2013-1896

Mitigation Instructions for CVE-2013-1896

Mitigating CVE-2013-1896: Privilege Escalation Vulnerability in Puppet

Read More
Mitigation Instructions for CVE-2014-6271 Shellshock Vulnerability in Bash

Mitigation Instructions for CVE-2014-6271 Shellshock Vulnerability in Bash

Subject: Mitigating CVE-2014-6271: Shellshock Vulnerability in Bash

Read More