Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CVE-2019-6342 flaw allows hackers to fully compromise Drupal 8.7.4 websites

Drupal developers urge users to update their installs to version 8.7.5, which addresses the CVE-2019-6342 flaw that allows hackers to take control of Drupal 8 sites. Drupal developers informed users that version 8.7.4 is affected by a critical flaw, tracked as CVE-2019-6342, that could be exploited by attackers to take control of Drupal 8 websites. […]

Drupal

Drupal developers urge users to update their installs to version 8.7.5, which addresses the CVE-2019-6342 flaw that allows hackers to take control of Drupal 8 sites.

Drupal developers informed users that version 8.7.4 is affected by a critical flaw, tracked as CVE-2019-6342, that could be exploited by attackers to take control of Drupal 8 websites. Users have to update to version 8.7.5 to address the vulnerability.

The issue resides in the Drupal 8.7.4, it is an access bypass vulnerability that can be triggered when the experimental Workspaces module is enabled.

“In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created.” reads the security advisory.

The vulnerability can be mitigated by disabling the Workspaces module.

“For sites with the Workspaces module enabled, update.php needs to run to ensure a required cache clear. If there is a reverse proxy cache or content delivery network (e.g. Varnish, CloudFlare) it is also advisable to clear these as well.” continues the advisory.

The development team pointed out that the flaw only affects Drupal 8.7.4 release, earlier versions are not affected.

The flaw was reported by the Dave Botsch, the good news is that there is no evidence of cyber attacks exploiting the flaw in the wild. Anyway, security experts believe that threat actors could start exploiting the flaw very soon because it affects default configurations, it is easy to exploit and require minimal user interaction to be triggered.

The U.S. Department of Homeland Security (DHS) has also published a security update for the CVE-2019-6342 flaw.

Drupal websites are privileged targets for hackers, in the past several campaigns leveraged other flaws in the popular CMS. In February, just three days after the CVE-2019-6340 flaw was addressed, threat actors in the wild started exploiting the issue to deliver cryptocurrency miners and other payloads.

In 2018, threat actors compromised many Drupal sites by exploiting other two flaw dubbed Drupalgeddon2 and Drupalgeddon3.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – CVE-2019-6342, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]