CVE-2009-4367

NONECVSS 0.0

0.0

The Staging Webservice ("sitecore modules/staging/service/api.asmx") in Sitecore Staging Module 5.4.0 rev.080625 and earlier allows remote attackers to bypass authentication and (1) upload files, (2) download files, (3) list directories, and (4) clear the server cache via crafted SOAP requests with arbitrary Username and Password values, possibly related to a direct request.

🔗 References (14)

cve@mitrehttp://osvdb.org/61147
cve@mitrehttp://secunia.com/advisories/37763
cve@mitrehttp://www.exploit-db.com/exploits/10513
cve@mitrehttp://www.securityfocus.com/archive/1/508529/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/37388
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/54881
cve@mitrehttps://www.sec-consult.com/files/20091217-0_sitecore_StagingModule_1.0.txt
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/61147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37763
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/10513
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/508529/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37388
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/54881
af854a3a-2127-422b-91ae-364da2661108https://www.sec-consult.com/files/20091217-0_sitecore_StagingModule_1.0.txt

Is Your Infrastructure Affected by CVE-2009-4367?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-4367

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-4367?