Bitrix Site Manager Уязвимости

Временная шкала

Версия

4.1.x	4
4.0.x	2
6.5	2

Устранение последствий

Official Fix	2
Temporary Fix	0
Workaround	0
Unavailable	6
Not Defined	2

Эксплуатационная пригодность

High	0
Functional	0
Proof-of-Concept	8
Unproven	2
Not Defined	0

Вектор доступа

Not Defined	0
Physical	0
Local	2
Adjacent	0
Network	8

Аутентификация

Not Defined	0
High	0
Low	2
None	8

Взаимодействие с пользователем

Not Defined	0
Required	2
None	8

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	6
≤7	0
≤8	0
≤9	0
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	8
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	6
≤7	0
≤8	0
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Поставщик

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Эксплойт 0-дня

<1k	0
<2k	6
<5k	4
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Эксплойт сегодня

<1k	10
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Объем рынка эксплойтов

🔴 CTI Деятельность

Affected Versions (4): 4.0, 4.1, 6.5, 12.06.2015

Опубликовано	Base	Temp	Уязвимости	0day	Сегодня	Э�	Rem	CTI	CVE
23.03.2022	7.3	7.0	Bitrix Site Manager Vote Module Remote Code Execution	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-27228
31.01.2017	4.1	4.0	Bitrix Site Manager Contact Form межсайтовый скриптинг	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.04	CVE-2017-20122
02.05.2008	5.3	4.7	Bitrix Site Manager redirect.php эскалация привилегий	$0-$5k	$0-$5k	Unproven	Unavailable	0.03	CVE-2008-2052
19.05.2006	5.3	4.8	Bitrix Bitrix Site Manager DNS Cache раскрытие информации	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00	CVE-2006-2479
19.05.2006	4.6	4.4	Bitrix Bitrix Site Manager межсайтовый скриптинг	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00	CVE-2006-2477
18.05.2006	4.3	4.1	Bitrix Bitrix Site Manager межсайтовый скриптинг	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00	CVE-2006-2478
18.05.2006	5.3	5.0	Bitrix Bitrix Site Manager раскрытие информации	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00	CVE-2006-2476
15.06.2005	5.3	4.8	Bitrix Bitrix Site Manager start.php эскалация привилегий	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2005-1996
15.06.2005	3.3	3.2	Bitrix Site Manager dbquery_error.php Path раскрытие информации	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00
15.06.2005	5.3	5.0	Bitrix Bitrix Site Manager Error Message subscr_form.php раскрытие информации	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2005-1995

больше записей по Bitrix

◂ ПредыдущийОбзорДалее ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!