{"id":13501,"date":"2025-07-02T12:10:34","date_gmt":"2025-07-02T09:10:34","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=13501"},"modified":"2025-07-02T12:10:34","modified_gmt":"2025-07-02T09:10:34","slug":"vulnerabilities-sitecore-experience-platform","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/vulnerabilities-sitecore-experience-platform\/13501\/","title":{"rendered":"&#8220;B&#8221;-grade security: three vulnerabilities in Sitecore CMS"},"content":{"rendered":"<p>Researchers have <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password\/\" target=\"_blank\" rel=\"nofollow noopener\">uncovered<\/a> three vulnerabilities in Sitecore Experience Platform, a popular content management system.<\/p>\n<ul>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34509\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-34509<\/a> is a hardcoded password (a single letter) that lets a remote attacker log in as a built-in service account.<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34510\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-34510<\/a> is a Zip Slip vulnerability that lets an authenticated user upload a ZIP archive and have it extracted into the website's root directory.<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34511\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-34511<\/a> also lets an authenticated user upload arbitrary files to the site, this time with no restriction on file extension or target directory.<\/li>\n<\/ul>\n<p>An attacker who chains the first vulnerability with either of the other two can achieve remote code execution (RCE) on a server running Sitecore Experience Platform, without holding any credentials beforehand.<\/p>\n<p>There is currently no evidence of these vulnerabilities being exploited in the wild, but the detailed <a href=\"https:\/\/labs.watchtowr.com\/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform\/\" target=\"_blank\" rel=\"nofollow noopener\">analysis<\/a> published by watchTowr contains enough information for threat actors to weaponize them at any moment.<\/p>\n<h2>CVE-2025-34509 \u2013 Access through a preconfigured account<\/h2>\n<p>Sitecore CMS ships with several default accounts, one of which is sitecore\\ServicesAPI. Naturally, the passwords of all accounts are stored hashed (and even <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/salt\/\" target=\"_blank\" rel=\"noopener\">salted<\/a>). That makes little difference, however, when the password is the single letter \u201cb\u201d: salting only defeats precomputed tables, and a one-character keyspace can be brute-forced in about three seconds.<\/p>\n<p>Notably, Sitecore's developers recommend <a href=\"https:\/\/doc.sitecore.com\/xp\/en\/developers\/latest\/platform-administration-and-architecture\/the-user-accounts.html\" target=\"_blank\" rel=\"nofollow noopener\">not modifying the default accounts<\/a>, warning that \u201cEditing a default user account may affect other areas of the security model\u201d (whatever that means). 
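To make the point above concrete, here is an added example (not code from the original post or from Sitecore): a password stored as a salted hash is recovered by exhaustive search after a couple of hash computations when it is a single character. The stored format mimics the ASP.NET Membership SHA1 scheme, base64(SHA1(salt || UTF-16LE(password))); that Sitecore's membership layer uses exactly this format is an assumption made for illustration, and the conclusion does not depend on it.

```python
"""
Added example, not Sitecore's code: a salted hash does not slow down the
cracking of a one-letter password. The stored format below mimics the
ASP.NET Membership SHA1 scheme, base64(SHA1(salt || UTF-16LE(password)));
that Sitecore stores passwords in exactly this format is an assumption.
"""
import base64
import hashlib
import itertools
import os
import string
import time

# 94 printable ASCII characters: the whole keyspace for a one-character password.
CHARSET = string.ascii_letters + string.digits + string.punctuation


def new_salt(nbytes: int = 16) -> str:
    """Random salt, base64-encoded as a membership database would store it."""
    return base64.b64encode(os.urandom(nbytes)).decode()


def membership_hash(password: str, salt_b64: str) -> str:
    """Assumed format: base64(SHA1(salt_bytes || UTF-16LE(password)))."""
    salt = base64.b64decode(salt_b64)
    digest = hashlib.sha1(salt + password.encode("utf-16-le")).digest()
    return base64.b64encode(digest).decode()


def keyspace(length: int) -> int:
    """Number of candidates an attacker must try for a password of this length."""
    return len(CHARSET) ** length


def brute_force(stored_hash: str, salt_b64: str, max_len: int = 3):
    """Enumerate every candidate of length 1..max_len, shortest first.

    Returns (password or None, attempts, seconds). Whoever holds the hash
    also holds the salt, so the salt simply becomes part of each trial.
    """
    attempts = 0
    start = time.perf_counter()
    for length in range(1, max_len + 1):
        for combo in itertools.product(CHARSET, repeat=length):
            attempts += 1
            candidate = "".join(combo)
            if membership_hash(candidate, salt_b64) == stored_hash:
                return candidate, attempts, time.perf_counter() - start
    return None, attempts, time.perf_counter() - start


def crack_demo(password: str = "b") -> dict:
    """Store `password` salted and hashed, then recover it by brute force."""
    salt = new_salt()
    stored = membership_hash(password, salt)
    found, attempts, seconds = brute_force(stored, salt)
    return {
        "found": found,
        "attempts": attempts,
        "seconds": seconds,
        "keyspace_len1": keyspace(1),
        "keyspace_len12": keyspace(12),
    }


if __name__ == "__main__":
    result = crack_demo("b")
    print(f"recovered {result['found']!r} after {result['attempts']} attempts "
          f"in {result['seconds']:.6f} s; a 12-character password from the same "
          f"charset would need up to {result['keyspace_len12']:.2e} attempts")
```

The salt is stored next to the hash and is known to anyone who has the hash, so it only rules out precomputed tables; it adds nothing when the candidate space is 94 strings. Run the file directly to see the timing and how the candidate count grows with length.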
Therefore, site administrators who follow the official instructions are unlikely to change these passwords, and such default accounts are probably present on most websites running this CMS.<\/p>\n<p>That said, the sitecore\\ServicesAPI user has no assigned rights or roles, so it cannot authenticate through the standard Sitecore login interface. The researchers nevertheless found a way to bypass the database check that a successful login normally requires (see the original <a href=\"https:\/\/labs.watchtowr.com\/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform\/\" target=\"_blank\" rel=\"nofollow noopener\">research<\/a> for details). As a result, the attacker obtains a valid session cookie. It still carries no administrator rights, but it is enough for the next stage of the attack.<\/p>\n<h2>CVE-2025-34510 \u2013 Vulnerability in Sitecore's file uploader<\/h2>\n<p>Sitecore has a file upload mechanism that any authenticated user can use. An attacker holding a valid session cookie can therefore craft an HTTP request that uploads a ZIP archive and has it extracted automatically. The essence of CVE-2025-34510 is that, because of faulty input sanitization, an authenticated attacker can perform a path traversal during that extraction. 
You can read more about this class of vulnerability, known as Zip Slip, in <a href=\"https:\/\/www.kaspersky.com\/blog\/archive-and-disk-image-threats-and-security-policies\/53295\/\" target=\"_blank\" rel=\"noopener nofollow\">our post on ZIP file handling<\/a>. In short, an archive entry whose name contains \u201c..\u201d segments is written outside the intended directory, so the attacker can extract the archive to any location, for example the website's root folder. That way they can plant anything they like, including their own <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/web-shell\/\" target=\"_blank\" rel=\"noopener\">web shell<\/a>.<\/p>\n<h2>CVE-2025-34511 \u2013 Vulnerability in the file uploader of the Sitecore PowerShell Extensions module<\/h2>\n<p>CVE-2025-34511 is an alternative way into Sitecore. The vulnerability is in the Sitecore PowerShell Extensions module, which many Sitecore extensions need in order to work, for example Sitecore Experience Accelerator, one of the most popular extensions for this CMS.<\/p>\n<p>Essentially, this vulnerability works the same way as CVE-2025-34510, only more simply. Sitecore PowerShell Extensions has its own file upload mechanism that an authenticated user can abuse. Through HTTP requests, an attacker can upload a file with any extension to the CMS and save it to any directory on the website. 
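The following is an added example, not code from the original post or from Sitecore, that reduces the two upload flaws to their shape. It builds a constructed archive containing a Zip Slip entry, shows a naive extractor letting it climb out of the destination into a sandboxed web root, and beside it the confinement check that rejects such entries (the CVE-2025-34510 shape); the same confinement plus an extension allow-list is then applied to a direct file upload where the client controls the file name and extension (the CVE-2025-34511 shape). The directory names and the extension lists are illustrative assumptions, not Sitecore's configuration.

```python
"""
Added example, not Sitecore's code: Zip Slip and unrestricted upload, each
beside the check that stops it. Everything runs inside a throwaway tempdir.
"""
import io
import os
import tempfile
import zipfile

# Extensions IIS/ASP.NET executes server-side: what a web shell needs to run.
# Illustrative list, not Sitecore's configuration.
EXECUTABLE_EXTS = {".aspx", ".ashx", ".asmx", ".ascx", ".asax", ".config", ".dll"}
# What the uploader accepts; everything else is refused regardless of path.
ALLOWED_UPLOAD_EXTS = {".png", ".jpg", ".jpeg", ".gif", ".pdf", ".zip"}


def build_malicious_zip() -> bytes:
    """Constructed archive: one harmless image and one Zip Slip entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("images/logo.png", b"\x89PNG\r\n\x1a\n")          # constructed bytes
        zf.writestr("../webroot/shell.aspx", b"<%-- placeholder --%>")   # climbs out of dest
    return buf.getvalue()


def naive_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Vulnerable extractor: joins dest with the entry name and trusts the result."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)        # no traversal check
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def confine(root: str, relative_name: str) -> str:
    """Resolve relative_name under root; raise ValueError if it would escape."""
    name = relative_name.replace("\\", "/")      # IIS treats '..\\' as traversal too
    if name.startswith("/") or os.path.splitdrive(name)[0]:
        raise ValueError(f"absolute path rejected: {relative_name!r}")
    real_root = os.path.realpath(root)
    target = os.path.realpath(os.path.join(real_root, name))
    if os.path.commonpath([real_root, target]) != real_root:
        raise ValueError(f"path traversal rejected: {relative_name!r}")
    return target


def safe_extract(zip_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Hardened extractor: offending entries are reported, never written."""
    written, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            try:
                target = confine(dest, info.filename)
            except ValueError:
                rejected.append(info.filename)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.relpath(target, os.path.realpath(dest)).replace(os.sep, "/"))
    return written, rejected


def safe_upload_path(upload_root: str, client_filename: str) -> str:
    """Direct upload: drop client-supplied directories, allow-list the extension, confine."""
    base = os.path.basename(client_filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if not base or ext in EXECUTABLE_EXTS or ext not in ALLOWED_UPLOAD_EXTS:
        raise ValueError(f"file name not allowed: {client_filename!r}")
    return confine(upload_root, base)


def upload_decisions(upload_root: str, names: list[str]) -> dict[str, bool]:
    """True where the hardened uploader would accept the client's file name."""
    decisions = {}
    for name in names:
        try:
            safe_upload_path(upload_root, name)
            decisions[name] = True
        except ValueError:
            decisions[name] = False
    return decisions


def zipslip_demo() -> dict:
    """Run both extractors inside a sandbox and report where the files landed."""
    sandbox = os.path.realpath(tempfile.mkdtemp(prefix="zipslip-"))
    archive = build_malicious_zip()
    naive_dest = os.path.join(sandbox, "naive")
    naive_paths = naive_extract(archive, naive_dest)
    escaped = [p for p in naive_paths if os.path.commonpath([naive_dest, p]) != naive_dest]
    safe_written, safe_rejected = safe_extract(archive, os.path.join(sandbox, "safe"))
    return {
        "naive_escaped": len(escaped),
        "shell_in_webroot": os.path.exists(os.path.join(sandbox, "webroot", "shell.aspx")),
        "safe_written": safe_written,
        "safe_rejected": safe_rejected,
    }


if __name__ == "__main__":
    print(zipslip_demo())
    print(upload_decisions("/srv/site/uploads", ["logo.png", "shell.aspx", "..\\..\\web.config"]))
```

Two design points: the check resolves the final path and compares it against the resolved root, rather than pattern-matching the entry name, so encoded or backslash variants of ".." fall out naturally; and the direct-upload path throws away whatever directory the client supplied instead of trying to sanitize it, because the server, not the uploader, decides where files live.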
This means no specially crafted ZIP archive and path are needed, and the result is essentially the same: a web shell ends up on the server.<\/p>\n<h2>How to protect against attacks on Sitecore Experience Platform<\/h2>\n<p>Patches for all three vulnerabilities were released in May 2025. If your company uses Sitecore, especially together with Sitecore PowerShell Extensions, we recommend updating the CMS as soon as possible. According to the NIST descriptions, CVE-2025-34509 affects Sitecore Experience Manager and Experience Platform versions 10.1 through 10.1.4 rev. 011974 PRE; all variants of 10.2; 10.3 through 10.3.3 rev. 011967 PRE; and 10.4 through 10.4.1 rev. 011941 PRE. CVE-2025-34510 is present in versions 9.0 through 9.3 and 10.0 through 10.4 of Experience Manager, Experience Platform and Experience Commerce. Finally, CVE-2025-34511 affects all versions of Sitecore PowerShell Extensions through 7.0. Note that patching closes the entry points but does not remove anything already planted: since both chains end with a file written into the web root, check the web root and upload directories for unexpected files, in particular server-side script files such as .aspx, that appeared before the update.<\/p>\n<p>The researchers who discovered these flaws say they know of four more, considerably more interesting vulnerabilities, but since patches for those are not yet ready they will disclose them later. 
We therefore recommend keeping an eye on upcoming updates from Sitecore's developers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers have found several vulnerabilities in the Sitecore CMS platform that together allow unauthenticated remote code execution (RCE).<\/p>\n","protected":false},"author":2726,"featured_media":13502,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[2789,790,1656,1525,2159,901,561,537,2717],"class_list":{"0":"post-13501","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-cms","11":"tag-guvenlik-aciklari","12":"tag-isletme","13":"tag-parolalar","14":"tag-rce","15":"tag-riskler","16":"tag-sifreler","17":"tag-tehditler","18":"tag-web-siteleri"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/vulnerabilities-sitecore-experience-platform\/13501\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/vulnerabilities-sitecore-experience-platform\/28979\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/vulnerabilities-sitecore-experience-platform\/24209\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/vulnerabilities-sitecore-experience-platform\/12540\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/vulnerabilities-sitecore-experience-platform\/29090\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/vulnerabilities-sitecore-experience-platform\/28274\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/vulnerabilities-sitecore-experience-platform\/31096\/"},{"hreflang":"it","url":"https
:\/\/www.kaspersky.it\/blog\/vulnerabilities-sitecore-experience-platform\/29789\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/vulnerabilities-sitecore-experience-platform\/39950\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/vulnerabilities-sitecore-experience-platform\/53683\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/vulnerabilities-sitecore-experience-platform\/22920\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/vulnerabilities-sitecore-experience-platform\/23953\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/vulnerabilities-sitecore-experience-platform\/32365\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/vulnerabilities-sitecore-experience-platform\/29308\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/vulnerabilities-sitecore-experience-platform\/35017\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/vulnerabilities-sitecore-experience-platform\/34656\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"security 
vulnerabilities"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2726"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=13501"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13501\/revisions"}],"predecessor-version":[{"id":13504,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13501\/revisions\/13504"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/13502"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=13501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=13501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=13501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}