The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP code via a crafted userzone cookie.
Published 2017-09-19 15:29:01
Updated 2018-01-27 02:29:02
Source MITRE
View at NVD,   CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2017-14143

Probability of exploitation activity in the next 30 days: 75.90%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2017-14143

  • Kaltura Remote PHP Code Execution over Cookie
    Disclosure Date: 2017-09-12
    First seen: 2020-04-26
    exploit/linux/http/kaltura_unserialize_cookie_rce
    This module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura makes use of a hardcoded cookie secret which allows to sign

CVSS scores for CVE-2017-14143

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source
7.5
HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
NIST
9.8
CRITICAL CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.9
5.9
NIST

CWE ids for CVE-2017-14143

  • The product contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-14143

Products affected by CVE-2017-14143

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!