SB2020050104 - Web Application Firewall bypass in Bitrix CMS
Published: May 1, 2020 Updated: May 13, 2020
Security Bulletin ID
SB2020050104
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: N/A)
The vulnerability allows a remote attacker to bypass web application firewall.
The vulnerability exists due to insufficient validation of user-supplied input when processing NULL byte character within the Proactive Protection module version 19.0.0 and below in Bitrix Site Manager. A remote attacker can pass specially crafted input to the application that contains a NULL byte (%00) and bypass Web Application Firewall rules.
Vulnerable code:
Not loaded
PoC Request:
http://[host]/?test=tetsBYPASS%00")});alert(1);$(document).ready(function (){%2f%2f
Remediation
Install update from vendor's website.