1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Drupal Core Remote Code Execution Vulnerability

Known Exploited Vulnerabilities CVE-2018-7600 Mappings

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2018-7600 Drupal Core Remote Code Execution Vulnerability secondary_impact T1485 Data Destruction
Comments
CVE-2018-7602 is a remote code execution (RCE) vulnerability affecting Drupal’s versions 7 and 8. According to reports, successfully exploiting the vulnerability entails elevating the permission to modify or delete the content of a Drupal-run site and crypto-jacking campaigns.
References
  1. https://threatpost.com/cryptojacking-campaign-exploits-drupal-bug-over-400-websites-attacked/131733/
  2. https://www.infosecurity-magazine.com/news-features/exploited-state-fix/
CVE-2018-7600 Drupal Core Remote Code Execution Vulnerability secondary_impact T1496 Resource Hijacking
Comments
CVE-2018-7602 is a remote code execution (RCE) vulnerability affecting Drupal’s versions 7 and 8. According to reports, successfully exploiting the vulnerability entails elevating the permission to modify or delete the content of a Drupal-run site and crypto-jacking campaigns.
References
  1. https://threatpost.com/cryptojacking-campaign-exploits-drupal-bug-over-400-websites-attacked/131733/
  2. https://www.infosecurity-magazine.com/news-features/exploited-state-fix/
CVE-2018-7600 Drupal Core Remote Code Execution Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
CVE-2018-7602 is a remote code execution (RCE) vulnerability affecting Drupal’s versions 7 and 8. According to reports, successfully exploiting the vulnerability entails elevating the permission to modify or delete the content of a Drupal-run site and crypto-jacking campaigns.
References
  1. https://threatpost.com/cryptojacking-campaign-exploits-drupal-bug-over-400-websites-attacked/131733/
  2. https://www.infosecurity-magazine.com/news-features/exploited-state-fix/
CVE-2018-7600 Drupal Core Remote Code Execution Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
CVE-2018-7602 is a remote code execution (RCE) vulnerability affecting Drupal’s versions 7 and 8. According to reports, successfully exploiting the vulnerability entails elevating the permission to modify or delete the content of a Drupal-run site and crypto-jacking campaigns.
References
  1. https://threatpost.com/cryptojacking-campaign-exploits-drupal-bug-over-400-websites-attacked/131733/
  2. https://www.infosecurity-magazine.com/news-features/exploited-state-fix/