Vulnerabilities > CVE-2017-6919 - Access Bypass vulnerability in Drupal

CVSS 6.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

drupal

nessus

NVD

Published: 2017-04-20

Updated: 2019-10-03

Summary

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

Vulnerable Configurations

Part	Description	Count
Application	Drupal Drupal Drupal 8.0.0 Drupal Drupal 8.0.1 Drupal Drupal 8.0.2 Drupal Drupal 8.0.3 Drupal Drupal 8.0.4 Drupal Drupal 8.0.5 Drupal Drupal 8.0.6 Drupal Drupal 8.1.0 Drupal Drupal 8.1.1 Drupal Drupal 8.1.2 Drupal Drupal 8.1.3 Drupal Drupal 8.1.4 Drupal Drupal 8.1.5 Drupal Drupal 8.1.6 Drupal Drupal 8.1.7 Drupal Drupal 8.1.8 Drupal Drupal 8.1.9 Drupal Drupal 8.1.10 Drupal Drupal 8.2.0 Drupal Drupal 8.2.1 Drupal Drupal 8.2.2 Drupal Drupal 8.2.3 Drupal Drupal 8.2.4 Drupal Drupal 8.2.5 Drupal Drupal 8.2.6 Drupal Drupal 8.2.7 Drupal Drupal 8.3.0	71

Nessus

NASL family	CGI abuses
NASL id	DRUPAL_8_2_8.NASL
description	According to its self-reported version, the instance of Drupal running on the remote web server is 8.x prior to 8.2.8 or 8.3.x prior to 8.3.1. It is, therefore, affected by an access bypass vulnerability due to an unspecified flaw when the RESTful Web Services (rest) module is enabled and the site allows PATCH requests. An authenticated, remote attacker can exploit this to bypass critical access restrictions. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	99690
published	2017-04-26
reporter	This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/99690
title	Drupal 8.x < 8.2.8 / 8.3.x < 8.3.1 Access Bypass Vulnerability (SA-CORE-2017-002)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2017-E8767A2FBB.NASL
description	- [8.3.1](https://www.drupal.org/project/drupal/releases/8 .3.1) - [Drupal Core - Critical - Access Bypass - SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00 2) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2017-05-02
plugin id	99925
published	2017-05-02
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/99925
title	Fedora 24 : drupal8 (2017-e8767a2fbb)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_1455C86C26C211E79DAA6CF0497DB129.NASL
description	Drupal Security Team Reports : CVE-2017-6919: Access bypass
last seen	2020-06-01
modified	2020-06-02
plugin id	99615
published	2017-04-24
reporter	This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/99615
title	FreeBSD : drupal8 -- Drupal Core - Critical - Access Bypass (1455c86c-26c2-11e7-9daa-6cf0497db129)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2017-CCDF272E60.NASL
description	- [8.3.1](https://www.drupal.org/project/drupal/releases/8 .3.1) - [Drupal Core - Critical - Access Bypass - SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00 2) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2017-07-17
plugin id	101720
published	2017-07-17
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/101720
title	Fedora 26 : drupal8 (2017-ccdf272e60)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2017-041473E742.NASL
description	- [8.3.1](https://www.drupal.org/project/drupal/releases/8 .3.1) - [Drupal Core - Critical - Access Bypass - SA-CORE-2017-002](https://www.drupal.org/SA-CORE-2017-00 2) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2017-05-02
plugin id	99922
published	2017-05-02
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/99922
title	Fedora 25 : drupal8 (2017-041473e742)

Seebug

bulletinFamily	exploit
description	This is a critical access bypass vulnerability. A site is only affected by this if all of the following conditions are met: * The site has the RESTful Web Services (`rest`) module enabled. * The site allows `PATCH` requests. * An attacker can get or register a user account on the site. While we don't normally provide security releases for [unsupported minor releases](https://www.drupal.org/core/release-cycle-overview), given the potential severity of this issue, we have also provided an 8.2.x release to ensure that sites that have not had a chance to update to 8.3.0 can update safely.
id	SSV:92989
last seen	2017-11-19
modified	2017-04-21
published	2017-04-21
reporter	Root
title	Drupal Core - Access Bypass vulnerability (CVE-2017-6919)

Summary

Vulnerable Configurations

Nessus

Seebug

References