Mailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062 - Security-news

20 Nov 2024


      View online: https://www.drupal.org/sa-contrib-2024-062
Project: Mailjet [1]
Date: 2024-November-20
Security risk: *Moderately critical* 14 ∕ 25
AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon [2]
Vulnerability: Arbitrary PHP code execution
Affected versions: <4.0.1
Description: 
This module for Drupal provides complete control of Email settings with
Drupal and Mailjet.
In certain cases the module doesn't securely pass data to PHP's unserialize()
function, which could result in Remote Code Execution via PHP Object
Injection.
This vulnerability is mitigated by the fact that an attack must operate with
the permission "administer mailjet module", however this could be the case if
this issue were combined with others in an "attack chain".
Solution: 
Install the latest version:
* Upgrade to Mailjet 4.0.1 [3]
   * For Drupal 7.x, upgrade to Mailjet 7.x-2.23 [4]
Reported By: 
   * Drew Webber [5] of the Drupal Security Team
Fixed By: 
   * Drew Webber [6] of the Drupal Security Team
   * Bohdan Artemchuk [7]
Coordinated By: 
   * Drew Webber [8] of the Drupal Security Team
[1] https://www.drupal.org/project/mailjet
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/mailjet/releases/4.0.1
[4] https://www.drupal.org/project/mailjet/releases/7.x-2.23
[5] https://www.drupal.org/user/255969
[6] https://www.drupal.org/user/255969
[7] https://www.drupal.org/user/289861
[8] https://www.drupal.org/user/255969