Risk | High
Patch available | YES
Number of vulnerabilities | 1
CVE-ID | CVE-2017-5869
CWE-ID | CWE-22
Exploitation vector | Network
Public exploit | Public exploit code for vulnerability #1 is available.
Vulnerable software | Nuxeo Platform Client/Desktop applications / Other client software
Vendor | Nuxeo
Security Bulletin
This security bulletin contains one high risk vulnerability.
EUVDB-ID: #VU7337
Risk: High
CVSSv4.0: 7.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2017-5869
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: Yes
Description: The vulnerability allows a remote authenticated attacker to execute arbitrary code.
The weakness exists due to directory traversal in the file import feature. A remote authenticated attacker can submit specially crafted JSP code through the import feature and have it executed on the targeted system.
Successful exploitation of the vulnerability may result in system compromise.
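The generic mitigation for the CWE-22 weakness described above is to refuse any client-supplied import file name that could select a directory, then confirm after normalisation that the resulting path still lies under the import root. The following is an added example of that check; it is not code from the advisory or from the Nuxeo code base, and the import root and sample names are constructed.

```python
"""Added example (not from the advisory or the Nuxeo code base): confining a
client-supplied import file name to a fixed import directory, the generic
mitigation for the CWE-22 weakness this advisory describes."""
import os

# Constructed example root; the real Nuxeo import location is not on the page.
IMPORT_ROOT = "/srv/import"


def safe_import_path(root: str, user_name: str) -> str:
    """Return the absolute path under `root` where `user_name` may be written.

    Raises ValueError for any name that could escape `root`. The name must
    already be fully decoded (URL/percent decoding done by the caller), or
    an encoded "../" would pass these checks and be decoded later.
    """
    if not user_name or "\x00" in user_name:
        # Empty names and NUL bytes (which truncate names in C-level APIs)
        # are rejected outright.
        raise ValueError("empty file name or NUL byte")
    if "/" in user_name or "\\" in user_name:
        # A file name is a single path component; any separator means the
        # client is trying to choose the directory, which is never allowed.
        raise ValueError("path separator in file name")
    if user_name in (".", ".."):
        raise ValueError("relative file name")
    root_abs = os.path.abspath(root)
    target = os.path.abspath(os.path.join(root_abs, user_name))
    # Defence in depth: the checks above should make this unreachable, but a
    # containment test after normalisation survives later refactoring.
    if os.path.commonpath([root_abs, target]) != root_abs:
        raise ValueError("path escapes import root")
    return target


def is_accepted(root: str, user_name: str) -> bool:
    """True if the name would be written under `root`, False if rejected."""
    try:
        safe_import_path(root, user_name)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed inputs: one legitimate name and several traversal attempts.
    for name in ["report.pdf", "../../webapps/ROOT/x.jsp", "..\\x.jsp", "/etc/passwd", "a\x00.jsp"]:
        print(repr(name), "->", "accepted" if is_accepted(IMPORT_ROOT, name) else "rejected")
```

Rejecting rather than silently stripping the directory part also gives the application a clear event to log, which is what a detection rule for traversal attempts against the import feature would key on.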
Remediation: Install update from vendor's website.
Vulnerable software versions: Nuxeo Platform: 6.0 - 7.3
CPE2.3:
External links: https://github.com/nuxeo/nuxeo/commit/6b3113977ef6c2307f940849a2c196621ebf1892
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.