CVE-2014-2552
📋 TL;DR
This vulnerability in Brookins Consulting Collected Information Export extension for eZ Publish allows remote attackers to bypass access controls and gain unauthorized access to sensitive data. It affects eZ Publish installations using BC Collected Information Export extension version 1.1.0.
💻 Affected Systems
- Brookins Consulting Collected Information Export extension for eZ Publish
📦 What is this software?
Collected Information Export by Brookinsconsulting
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of sensitive collected information including user data, form submissions, and potentially administrative credentials.
Likely Case
Unauthorized access to collected form data, user information, and potentially other sensitive content stored through the extension.
If Mitigated
No data exposure if proper access controls are implemented or extension is disabled.
🎯 Exploit Status
Access control bypass vulnerabilities typically require minimal technical skill to exploit once the vulnerable endpoint is identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in commit d11811baccf265ff567dddca03cac70b65838a4f
Vendor Advisory: https://github.com/brookinsconsulting/bccie/commit/d11811baccf265ff567dddca03cac70b65838a4f
Restart Required: No
Instructions:
1. Update to the patched version of the extension from the GitHub repository. 2. Replace the vulnerable extension files with the patched version. 3. Clear any caches if applicable.
🔧 Temporary Workarounds
Disable the extension
allTemporarily disable the BC Collected Information Export extension until patching is possible.
Disable via eZ Publish extension settings or remove from active extensions list
Implement network access controls
allRestrict access to the extension endpoints using firewall rules or web server configuration.
Configure .htaccess or web server rules to restrict access to /extension/bccie/ paths
🧯 If You Can't Patch
- Remove the extension completely from the eZ Publish installation
- Implement strict network segmentation and isolate the affected system
🔍 How to Verify
Check if Vulnerable:
Check if extension/bccie/ directory exists and version is 1.1.0 in extension configuration.Check Version:
Check extension.ini or extension configuration files for version informationVerify Fix Applied:
Verify the extension has been updated to include the security patch from commit d11811baccf265ff567dddca03cac70b65838a4f.📡 Detection & Monitoring
Log Indicators:
- Unusual access patterns to /extension/bccie/ endpoints
- Unauthorized access attempts to export functionality
Network Indicators:
- HTTP requests to bccie export endpoints from unauthorized sources
SIEM Query:
web_access_logs WHERE uri CONTAINS '/extension/bccie/' AND response_code = 200 FROM unauthorized_ips🔗 References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92129
- https://github.com/brookinsconsulting/bccie/commit/d11811baccf265ff567dddca03cac70b65838a4f
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2014-004/?fid=3853
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92129
- https://github.com/brookinsconsulting/bccie/commit/d11811baccf265ff567dddca03cac70b65838a4f
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2014-004/?fid=3853
