====================================================================
CERT-Renater Information Note No. 2012/VULN476
____________________________________________________________________
DATE                 : 03/12/2012
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running MODX Evolution versions prior to 1.0.7,
                       Forgot Manager Login plugin for MODX prior to version 1.1.4.
======================================================================

http://forums.modx.com/thread/80701/modx-evolution-1-0-6-and-prior-unauthorized-manager-access#dis-post-444667
______________________________________________________________________

Product: MODX Evolution
Risk: Very High
Severity: Critical
Versions: 1.0.6 and all previous releases
Vulnerability Type: Permissions, Privileges, and Access Control; Input Validation; SQL Injection
Report Date: 2012-Nov-26
Fixed Date: 2012-Nov-26

Description

The Forgot Manager Login plugin distributed with all versions of MODX Evolution (and 0.9.x) contains a vulnerability that allows users to gain unauthorized access to the MODX Manager.

Affected Releases

All MODX 0.9.x/Evolution releases prior to and including MODX Evolution 1.0.6 are affected.

Solutions

There are three ways to resolve or mitigate the issue:

  - Disable the Forgot Manager Login plugin
  - Upgrade Forgot Manager Login to version 1.1.4
  - Upgrade to MODX Evolution 1.0.7

NOTE

A special thanks to community member Agel_Nash for reporting the full scope of this issue directly to MODX so a resolution could be made available before details were.

======================================================================
=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
=========================================================
+ CERT-RENATER         | tel  : 01-53-94-20-44      +
+ 23 - 25 Rue Daviel   | fax  : 01-53-94-20-41      +
+ 75013 Paris          | email: certsvp@renater.fr  +
=========================================================