CVE-2012-5358

EUVD-2012-5279
The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial of service, or possibly have unspecified other impact via crafted XSL data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
ektronektron_content_management_system
𝑥
≤ 8.02
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://documentation.ektron.com/current/ReleaseNotes/Release8/8.02SP5.htm
https://technet.microsoft.com/library/security/msvr12-016
https://webstersprodigy.net/2012/10/25/cve-2012-5357cve-1012-5358-cool-ektron-xslt-rce-bugs/
http://documentation.ektron.com/current/ReleaseNotes/Release8/8.02SP5.htm
https://technet.microsoft.com/library/security/msvr12-016
https://webstersprodigy.net/2012/10/25/cve-2012-5357cve-1012-5358-cool-ektron-xslt-rce-bugs/