cimentech (resolving with update)

Open RayTdC opened this issue 1 year ago • 0 comments

This solution refers to which of the apps?

A6 - Cimentech

What did you do to mitigate the vulnerability?

The application contained an outdated Drupal (content management system), which allowed remote code execution. After upgrading Drupal from 7.57 to 7.100, remote code execution was no longer possible, as shown in the images below.

Captura de Tela 2024-04-26 às 10 21 33 before update

Captura de Tela 2024-04-26 às 10 28 03 after update

Apr 26 '24 18:04 RayTdC