CVE-2017-10973 - OpenCVE

In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Finecms Project	Finecms

Configuration 1 [-]

cpe:2.3:a:finecms_project:finecms:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/andrzuk/FineCMS/pull/10	Third Party Advisory
https://github.com/andrzuk/FineCMS/pull/11	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-06T16:00:00

Updated: 2017-07-06T15:57:01

Reserved: 2017-07-06T00:00:00

Link: CVE-2017-10973

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-07-06T16:29:00.297

Modified: 2017-07-17T18:20:51.930

Link: CVE-2017-10973

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:finecms_project:finecms:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F65F90A-6982-48DD-BA88-AC3D023E427B", "versionEndIncluding": "2017-05-12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header."}, {"lang": "es", "value": "En FineCMS antes del 06-07-2017, en el archivo application/lib/ajax/get_image_data.php presenta un problema de tipo SSRF, relacionado con las peticiones de archivos sin imagen con un encabezado Host HTTP modificado."}], "id": "CVE-2017-10973", "lastModified": "2017-07-17T18:20:51.930", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-06T16:29:00.297", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/andrzuk/FineCMS/pull/10"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/andrzuk/FineCMS/pull/11"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}