v7.5.1 Jörg Friedrich

Release Notes for Allegra Release 7.5.1

Important Security Updates

We are pleased to introduce you to version 7.5.1 of Allegra, which includes very important security improvements and enhancements for better usability. This update is part of our commitment to continuously offer you a secure and efficient product.

To address the security vulnerabilities listed below, we strongly recommend updating to the latest Allegra version, 7.5.1. The update applies a fix for every ZDI-CAN entry in the table below except ZDI-CAN-22360. Cloud customers do not need to take any action, as we updated their instances immediately following the disclosure.

Additional note on ZDI-CAN-22360 for On-Premise customers: please check whether you changed the default Allegra database password after installation.

You can download the latest Allegra version 7.5.1 here.

The Allegra version 7.5.1 includes fixes to strengthen security for the following issues:

Columns: ZDI CAN / Product Affected / CVSS Score + Vector / Description

ZDI-CAN-22507
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.5 – High
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description: An Arbitrary File Read vulnerability that can be exploited by authenticated users, including those with the Guest role. It is treated as unauthenticated because, if anonymous access is activated, anyone can log in.

ZDI-CAN-22530
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.5 – High
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

ZDI-CAN-22532
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.5 – High
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description: Unauthenticated Arbitrary File Read vulnerability. It requires the existence of the C:\Allegra\plugins\tp-math directory.

ZDI-CAN-22513
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.2 – High
CVSS vector: CVSS:AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Description: Post-authentication Remote Code Execution due to a directory traversal vulnerability during the backup restore operation. Admin privileges are required for exploitation.

ZDI-CAN-22512
Product affected: Allegra versions lower than 7.5.1
CVSS score: 9.8 – Critical
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description: Unauthenticated Remote Code Execution due to improper access control in the Struts SiteConfigAction action of the Allegra software.

ZDI-CAN-22510
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.2 – High
CVSS vector: CVSS:AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Description: Post-authentication Remote Code Execution due to a directory traversal vulnerability in the uploadFile method of the BrandingAction class. Admin privileges are required for exploitation.

ZDI-CAN-22548
Product affected: Allegra versions lower than 7.5.1
CVSS score: 9.8 – Critical
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description: Remote Code Execution that can be exploited by any authenticated user, including those with the Guest role. It is treated as unauthenticated because, if anonymous access is activated, anyone can log in.

ZDI-CAN-22506
Product affected: Allegra versions lower than 7.5.1

ZDI-CAN-22505
Product affected: Allegra versions lower than 7.5.1

ZDI-CAN-22504
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.2 – High
CVSS vector: CVSS:AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Description: Post-authentication Remote Code Execution due to a directory traversal vulnerability during a file upload operation. Admin privileges are required for exploitation.

ZDI-CAN-22528
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.2 – High
CVSS vector: CVSS:AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

ZDI-CAN-22527
Product affected: Allegra versions lower than 7.5.1
CVSS score: 7.2 – High
CVSS vector: CVSS:AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

ZDI-CAN-22361
Product affected: Allegra versions lower than 7.5.1
CVSS score: 9.8 – Critical
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description: Directory Traversal Authentication Bypass vulnerability.

ZDI-CAN-22360
Product affected: Allegra versions lower than 7.5.1
CVSS score: 9.8 – Critical
CVSS vector: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description: Authentication Bypass due to Hard-coded Credentials. The critical aspect of this vulnerability is that every Allegra installation uses the same default database password, which is possibly not changed after installation. This vulnerability only affects On-Premise customers. We highly recommend changing the database password after installing Allegra.
Jörg Friedrich

Senior Advisor

Jörg Friedrich is the original author of the project management software Allegra and continues to accompany its development to this day. He has many years of industry experience as a project and department manager. He also serves as a professor in the Faculty of Computer Science and Information Technology at Esslingen University of Applied Sciences.