
Sitecore XP RCE Flaw Patched Last Month Now Actively Exploited

The Australian Cyber Security Centre (ACSC) is alerting web admins to the active exploitation of CVE-2021-42237, a remote code execution flaw in the Sitecore Experience Platform (Sitecore XP).

Sitecore XP is an enterprise-level content management system (CMS) with built-in data analytics, used by well-known companies including American Express, IKEA, Carnival Cruise Lines, L’Oréal, and Volvo.

On October 13th, Sitecore disclosed and released a patch for a pre-authentication remote code execution vulnerability, tracked as CVE-2021-42237, affecting the Sitecore Experience Platform.

Last week, cybersecurity firm Assetnote published a technical write-up on the vulnerability; with those details available, attackers were able to build exploits and begin actively exploiting vulnerable websites.

“There is active exploitation of a vulnerability occurring in certain versions of Sitecore Experience Platform systems. Affected Australian organisations should apply the available security update,” warned the ACSC in a new advisory released Friday.

The vulnerable Sitecore XP component used in the attacks is Report.ashx, which provides a high-level view of analytics, engagement, and SEO success.

“This issue is related to a remote code execution vulnerability through insecure deserialization in the Report.ashx file. This file was used to drive the Executive Insight Dashboard (of Silverlight report) that was deprecated in 8.0 Initial Release,” explains Sitecore in their security advisory.

The vulnerability does not require authentication, and it allows any remote attacker to exploit a vulnerable server and gain complete control over it.

However, after Microsoft deprecated Silverlight, this Sitecore XP functionality was deprecated in version 8.0, causing only specific platform versions to be affected by the vulnerability.

The Sitecore XP versions affected by the RCE vulnerability are:

  • Sitecore XP 7.5 Initial Release – Sitecore XP 7.5 Update-2
  • Sitecore XP 8.0 Initial Release – Sitecore XP 8.0 Update-7
  • Sitecore XP 8.1 Initial Release – Sitecore XP 8.1 Update-3
  • Sitecore XP 8.2 Initial Release – Sitecore XP 8.2 Update-7

This vulnerability affects all versions of Sitecore XP, including all “single-instance and multi-instance environments, Managed Cloud environments, and all Sitecore server roles (Content Delivery, Content Editing, Reporting, Processing, etc.), which are exposed to the Internet.”

The recommended solution is to upgrade to a secure version, ideally Sitecore XP 9.0 or higher.

Alternatively, you can mitigate the flaw by deleting the Report.ashx file from “/sitecore/shell/ClientBin/Reporting/Report.ashx” on all server instances.

For more details on mitigating the Sitecore XP CVE-2021-42237 vulnerability and how it affects your installed version, you can review Sitecore’s security bulletin.
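As an added defender-side check, not from the article or from Sitecore: the script below scans IIS W3C access-log lines for requests to the deprecated Report.ashx path named above and tallies them per client IP. Because the dashboard it served was deprecated in 8.0, any traffic to this path deserves a look; the field layout and the log lines are constructed assumptions.

```python
from collections import Counter

# Path of the vulnerable, deprecated component named in the Sitecore advisory.
REPORT_ASHX = "/sitecore/shell/clientbin/reporting/report.ashx"

# Assumed W3C IIS field layout (in practice taken from the log's "#Fields:" header).
FIELDS = ["date", "time", "s-ip", "cs-method", "cs-uri-stem", "cs-uri-query",
          "s-port", "cs-username", "c-ip", "cs(User-Agent)", "sc-status"]


def parse_iis_line(line):
    """Split one W3C log line into a dict; return None for comments or blank lines."""
    if not line.strip() or line.startswith("#"):
        return None
    parts = line.split()
    if len(parts) < len(FIELDS):
        return None
    return dict(zip(FIELDS, parts))


def is_report_ashx_hit(entry):
    """True if the request targets Report.ashx (IIS paths are case-insensitive)."""
    return entry["cs-uri-stem"].lower() == REPORT_ASHX


def find_report_ashx_hits(lines):
    """Return (hits, per_client_counts) for requests to the deprecated endpoint.
    A 200 on this path means the handler is still reachable; a 404 after the
    file has been removed is the expected, harmless outcome."""
    hits = []
    for line in lines:
        entry = parse_iis_line(line)
        if entry and is_report_ashx_hit(entry):
            hits.append((entry["c-ip"], entry["cs-method"], int(entry["sc-status"])))
    return hits, Counter(ip for ip, _, _ in hits)


# Constructed sample log (not real traffic); client IPs are RFC 5737 documentation addresses.
SAMPLE_LOG = """#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2021-11-05 10:01:02 10.0.0.5 GET /sitecore/login - 443 - 198.51.100.7 Mozilla/5.0 200
2021-11-05 10:01:09 10.0.0.5 POST /sitecore/shell/ClientBin/Reporting/Report.ashx - 443 - 203.0.113.9 python-requests/2.25 200
2021-11-05 10:01:10 10.0.0.5 POST /sitecore/shell/ClientBin/Reporting/Report.ashx - 443 - 203.0.113.9 python-requests/2.25 200
2021-11-05 10:03:44 10.0.0.5 GET /sitecore/shell/clientbin/reporting/report.ashx - 443 - 198.51.100.7 Mozilla/5.0 404
"""

if __name__ == "__main__":
    hits, by_ip = find_report_ashx_hits(SAMPLE_LOG.splitlines())
    for ip, method, status in hits:
        print(f"{ip} {method} Report.ashx -> {status}")
    print("requests per client:", dict(by_ip))
```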
