CVE-2017-1000490: Path Traversal
First published: Wed Jan 03 2018(Updated: )
### Impact Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user has access to. ### Patches Update to 2.12.0 or later. ### Workarounds None ### For more information If you have any questions or comments about this advisory: * Email us at [security@mautic.org](mailto:security@mautic.org)
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/mautic/core | >=1.0.0<2.12.0 | 2.12.0 |
| Acquia Mautic | =1.0.1 | |
| Acquia Mautic | =1.0.2 | |
| Acquia Mautic | =1.0.3 | |
| Acquia Mautic | =1.0.4 | |
| Acquia Mautic | =1.0.5 | |
| Acquia Mautic | =1.1.0 | |
| Acquia Mautic | =1.1.1 | |
| Acquia Mautic | =1.1.2 | |
| Acquia Mautic | =1.1.3 | |
| Acquia Mautic | =1.2.0-beta1 | |
| Acquia Mautic | =1.2.1 | |
| Acquia Mautic | =1.2.2 | |
| Acquia Mautic | =1.2.3 | |
| Acquia Mautic | =1.2.4 | |
| Acquia Mautic | =1.3.0 | |
| Acquia Mautic | =1.3.1 | |
| Acquia Mautic | =1.4.0 | |
| Acquia Mautic | =1.4.1 | |
| Acquia Mautic | =2.0.0 | |
| Acquia Mautic | =2.0.1 | |
| Acquia Mautic | =2.1.0 | |
| Acquia Mautic | =2.1.1 | |
| Acquia Mautic | =2.2.0 | |
| Acquia Mautic | =2.2.1 | |
| Acquia Mautic | =2.3.0 | |
| Acquia Mautic | =2.4.0 | |
| Acquia Mautic | =2.5.0 | |
| Acquia Mautic | =2.5.1 | |
| Acquia Mautic | =2.6.0 | |
| Acquia Mautic | =2.6.1 | |
| Acquia Mautic | =2.7.0 | |
| Acquia Mautic | =2.7.1 | |
| Acquia Mautic | =2.8.0 | |
| Acquia Mautic | =2.8.1 | |
| Acquia Mautic | =2.8.2 | |
| Acquia Mautic | =2.9.0-beta | |
| Acquia Mautic | =2.9.1 | |
| Acquia Mautic | =2.10.0-beta | |
| Acquia Mautic | =2.10.1 | |
| Acquia Mautic | =2.11.0-beta | |
| Mautic Mautic | =1.0.0 | |
| Mautic Mautic | =1.2.0 | |
| Mautic Mautic | =2.9.0 | |
| Mautic Mautic | =2.9.2 | |
| Mautic Mautic | =2.10.0 | |
| Mautic Mautic | =2.11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/mautic/mautic/security/advisories/GHSA-qpgw-2c72-4c89
- https://nvd.nist.gov/vuln/detail/CVE-2017-1000490
- https://github.com/mautic/mautic/commit/3b01786433ae15e9a23f1eb9b0d3dfdb065b6241
- https://github.com/mautic/mautic/releases/tag/2.12.0
- https://github.com/advisories/GHSA-qpgw-2c72-4c89 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2017-1000490?
The severity of CVE-2017-1000490 is medium with a CVSS score of 6.5.
How does CVE-2017-1000490 affect Mautic?
CVE-2017-1000490 allows any logged-in Mautic user to download any file from the server that they have access to using the Filemanager.
How can I fix CVE-2017-1000490?
To fix CVE-2017-1000490, update Mautic to version 2.12.0 or later.
Are there any workarounds for CVE-2017-1000490?
No, there are no workarounds for CVE-2017-1000490.
Where can I find more information about CVE-2017-1000490?
You can find more information about CVE-2017-1000490 at the following references: [Reference 1](https://github.com/mautic/mautic/security/advisories/GHSA-qpgw-2c72-4c89), [Reference 2](https://nvd.nist.gov/vuln/detail/CVE-2017-1000490), [Reference 3](https://github.com/mautic/mautic/commit/3b01786433ae15e9a23f1eb9b0d3dfdb065b6241).
- collector/github-advisory-latest
- alias/GHSA-qpgw-2c72-4c89
- alias/CVE-2017-1000490
- collector/github-advisory
- collector/nvd-index
- collector/nvd-cve
- agent/author
- agent/type
- agent/softwarecombine
- agent/severity
- agent/weakness
- agent/references
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- package-manager/composer
- vendor/acquia
- canonical/acquia mautic
- version/acquia mautic/1.0.1
- version/acquia mautic/1.0.2
- version/acquia mautic/1.0.3
- version/acquia mautic/1.0.4
- version/acquia mautic/1.0.5
- version/acquia mautic/1.1.0
- version/acquia mautic/1.1.1
- version/acquia mautic/1.1.2
- version/acquia mautic/1.1.3
- version/acquia mautic/1.2.0-beta1
- version/acquia mautic/1.2.1
- version/acquia mautic/1.2.2
- version/acquia mautic/1.2.3
- version/acquia mautic/1.2.4
- version/acquia mautic/1.3.0
- version/acquia mautic/1.3.1
- version/acquia mautic/1.4.0
- version/acquia mautic/1.4.1
- version/acquia mautic/2.0.0
- version/acquia mautic/2.0.1
- version/acquia mautic/2.1.0
- version/acquia mautic/2.1.1
- version/acquia mautic/2.2.0
- version/acquia mautic/2.2.1
- version/acquia mautic/2.3.0
- version/acquia mautic/2.4.0
- version/acquia mautic/2.5.0
- version/acquia mautic/2.5.1
- version/acquia mautic/2.6.0
- version/acquia mautic/2.6.1
- version/acquia mautic/2.7.0
- version/acquia mautic/2.7.1
- version/acquia mautic/2.8.0
- version/acquia mautic/2.8.1
- version/acquia mautic/2.8.2
- version/acquia mautic/2.9.0-beta
- version/acquia mautic/2.9.1
- version/acquia mautic/2.10.0-beta
- version/acquia mautic/2.10.1
- version/acquia mautic/2.11.0-beta
- vendor/mautic
- canonical/mautic mautic
- version/mautic mautic/1.0.0
- version/mautic mautic/1.2.0
- version/mautic mautic/2.9.0
- version/mautic mautic/2.9.2
- version/mautic mautic/2.10.0
- version/mautic mautic/2.11.0