CMS Compromise

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
1. Content Management System (CMS) compromise refers to unpatched CMS generating vulnerabilities for cyber criminals to install backdoor programs to gain unauthorised access into the organisation's systems.

Related Term: Configuration Exploitation







(Source: Business Continuity Management Institute - BCM Institute)

 

2. In today's network environment, content management systems (CMS) are ubiquitous. CMS provide an incredibly wide array of functionality including publishing, modifying content, organizing data and managing users. As with everything else, the more common it is, the more often it is targeted. CMS vulnerabilities that are left unpatched are often targeted and used as a foothold to install backdoor programs. A backdoor can lay in wait for days, months or even years before threat actors return to use it to gain access again.
Source: (Verizon, 2016)