HTTP: dotCMS CMSFilter assets Access Control Weakness
This signature detects attempts to exploit a known vulnerability against dotCMS content management system. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. It allows an attacker to read or execute files under $TOMCAT_HOME/webapps/ROOT/assets (which should be a protected directory). Additionally, attackers can upload temporary files (e.g., .jsp files) into /webapps/ROOT/assets/tmp_upload, which can lead to remote command execution (with the permissions of the user running the dotCMS application).
Affected Products
Dotcms dotcms
References
CVE: CVE-2022-45783
Short Name
HTTP:DIR:CTS-DOTCMS-FILTER-DTRV
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Access CMSFilter CVE-2020-6754 CVE-2022-45783 Control Weakness assets dotCMS
Release Date
04/14/2020
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Dotcms
CVSS Score
7.5