CVE-2024-45440 Scanner
CVE-2024-45440 Scanner - Information Disclosure vulnerability in Drupal
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
3 weeks 3 hours
Scan only one
URL
Toolbox
-
Drupal is a popular content management system (CMS) used by websites worldwide for creating, managing, and publishing content. Organizations utilize Drupal due to its robust framework, flexibility, and the ability to support complex web applications. It is often used by educational institutions, government agencies, and large businesses to build and maintain dynamic websites. Drupal provides a platform for customizing site features and aesthetics, supporting numerous third-party plugins and extensions. Its open-source nature allows developers to collaborate and contribute to expanding its capacity and functionality. The system is known for maintaining strong security standards and providing regular updates to address vulnerabilities.
Information Disclosure vulnerabilities arise when a web application discloses data that is not intended to be accessible by unauthorized users. This specific vulnerability pertains to Drupal x-dev, where core/authorize.php may unintentionally expose full path information. The issue occurs if the value of hash_salt is set to file_get_contents of a non-existent file, potentially revealing system paths. This vulnerability might compromise the site's confidentiality by leaking internal path structures to attackers. Exposing such details can aid attackers in crafting more targeted cyber threats against the site.
This vulnerability involves the core/authorize.php endpoint in Drupal's x-dev version, where a misconfigured hash_salt value can lead to file path disclosure. Specifically, the vulnerability is triggered when the hash_salt is instructed to retrieve content from a file path that does not exist. Upon this misconfiguration, the system throws a RuntimeException, alongside exposing part of its internal path in the process. By accessing particular URL paths, attackers can exploit this process to gather insights about the file structure. Ensuring that error logging configurations are correctly set is pivotal in preventing such disclosures.
When exploited, this vulnerability could grant attackers access to sensitive path information within the Drupal installation. Such disclosures can serve as a stepping stone for further intrusions, as attackers may use the information to map the application’s internal file structure. This knowledge could assist attackers in identifying additional vulnerabilities, manipulating file paths, or conducting further reconnaissance. Ultimately, exploiting this flaw could compromise the integrity of the web application, leading to unauthorized access or data breaches. Protecting against this requires vigilant configuration and a proactive security posture.
REFERENCES