CVE-2016-10037 - OpenCVE

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Modx	Modx Revolution

Configuration 1 [-]

cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/95127	Third Party Advisory VDB Entry
https://github.com/modxcms/revolution/pull/13177	Patch Vendor Advisory
https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt	Release Notes

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-12-24T11:00:00

Updated: 2016-12-28T10:57:01

Reserved: 2016-12-24T00:00:00

Link: CVE-2016-10037

JSON object: View

NVD Information

Status : Analyzed

Published: 2016-12-24T11:59:00.147

Modified: 2019-11-14T20:04:22.620

Link: CVE-2016-10037

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-12-24T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-28T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/modxcms/revolution/pull/13177"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt"}, {"name": "95127", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95127"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10037", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/modxcms/revolution/pull/13177", "refsource": "CONFIRM", "url": "https://github.com/modxcms/revolution/pull/13177"}, {"name": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt", "refsource": "CONFIRM", "url": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt"}, {"name": "95127", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95127"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10037", "datePublished": "2016-12-24T11:00:00", "dateReserved": "2016-12-24T00:00:00", "dateUpdated": "2016-12-28T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCFFC358-F3DF-4016-BCB1-8A5A6330713B", "versionEndExcluding": "2.5.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist."}, {"lang": "es", "value": "Salto de directorio en /connectors/index.php en MODX Revolution en versiones anteriores a 2.5.2-pl permite a atacantes remotos llevar a cabo inclusi\u00f3n/salto/manipulaci\u00f3n de archivo local local a trav\u00e9s de un par\u00e1metro id manipulado (tambi\u00e9n conocido como dir), relacionado con navegador/directorio/obtener lista."}], "id": "CVE-2016-10037", "lastModified": "2019-11-14T20:04:22.620", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-12-24T11:59:00.147", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95127"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/modxcms/revolution/pull/13177"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}