|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-12-23 | |
| Rule Name: | Drupal Drupalgeddon 2 Remote Code Execution Vulnerability (CVE-2018-7600) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:103534 ExploitDB:44448 ExploitDB:44482 SecurityTrackerID:1040598 |
|
| Solutions |
|---|
| There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. |