CVE-2017-14509 - OpenCVE

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a module=CallRest&url= query string. Proper input validation has been added to mitigate this issue.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Sugarcrm	Sugarcrm

Configuration 1 [-]

OR	cpe:2.3:a:sugarcrm:sugarcrm::::::::
	cpe:2.3:a:sugarcrm:sugarcrm:6.5.26::::community:::
	cpe:2.3:a:sugarcrm:sugarcrm:7.8.0.0:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.8.0.1:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.8.1.0:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.8.2.0:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.8.2.1:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.9.0.0:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.9.0.1:::::::*
	cpe:2.3:a:sugarcrm:sugarcrm:7.9.1.0:::::::*

References

Link	Resource
https://blog.ripstech.com/2017/sugarcrm-security-diet-multiple-vulnerabilities/	Exploit Third Party Advisory
https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2017-007/	Vendor Advisory
https://www.synology.com/support/security/Synology_SA_17_53_SugarCRM

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-09-17T21:00:00

Updated: 2017-12-29T13:57:02

Reserved: 2017-09-17T00:00:00

Link: CVE-2017-14509

JSON object: View

NVD Information

Status : Modified

Published: 2017-09-17T21:29:00.280

Modified: 2017-12-30T02:29:01.920

Link: CVE-2017-14509

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-09-17T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a module=CallRest&url= query string. Proper input validation has been added to mitigate this issue."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-29T13:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2017-007/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.synology.com/support/security/Synology_SA_17_53_SugarCRM"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.ripstech.com/2017/sugarcrm-security-diet-multiple-vulnerabilities/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14509", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a module=CallRest&url= query string. Proper input validation has been added to mitigate this issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2017-007/", "refsource": "MISC", "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2017-007/"}, {"name": "https://www.synology.com/support/security/Synology_SA_17_53_SugarCRM", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_17_53_SugarCRM"}, {"name": "https://blog.ripstech.com/2017/sugarcrm-security-diet-multiple-vulnerabilities/", "refsource": "MISC", "url": "https://blog.ripstech.com/2017/sugarcrm-security-diet-multiple-vulnerabilities/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-14509", "datePublished": "2017-09-17T21:00:00", "dateReserved": "2017-09-17T00:00:00", "dateUpdated": "2017-12-29T13:57:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:*:*:*:*:*:*:*:*", "matchCriteriaId": "1CF7DEB0-D9C7-4422-8632-F70D7EE23DB9", "versionEndIncluding": "7.7.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:6.5.26:*:*:*:community:*:*:*", "matchCriteriaId": "D3E99EB2-05BF-4575-9170-D9014B2D6B5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD5EB33E-9B9E-4D05-928E-55D53F94A698", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "62260AB3-77B6-4E7D-9ECF-AB0871F01E52", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B59B76F-5141-47BE-975D-356742C13659", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F20AB20-1C40-4192-8B1D-0C227681F2EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2021DD4C-B55B-4C52-B46B-C71AE71E1B48", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A6A722A2-2DD7-4513-85B2-5DE2886D1AC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D34FE48A-1DA0-4F87-9C62-507123D070AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sugarcrm:sugarcrm:7.9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9DA7C251-86A8-4B1C-9296-C6008CAF65DF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a module=CallRest&url= query string. Proper input validation has been added to mitigate this issue."}, {"lang": "es", "value": "Existe un problema en SugarCRM en versiones anteriores a la 7.7.2.3, en versiones 7.8.x anteriores a la 7.8.2.2 y en versiones 7.9.x anteriores a la 7.9.2.0 (y Sugar Community Edition 6.5.26). Existe una vulnerabilidad de inclusi\u00f3n remota de archivos en el m\u00f3dulo Connectors que permite a usuarios autenticados incluir archivos de sistema que se pueden acceder remotamente mediante una cadena de consulta module=CallRest&url=. Una validaci\u00f3n de valores de entrada correcta mitigar\u00eda este problema."}], "id": "CVE-2017-14509", "lastModified": "2017-12-30T02:29:01.920", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-09-17T21:29:00.280", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://blog.ripstech.com/2017/sugarcrm-security-diet-multiple-vulnerabilities/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2017-007/"}, {"source": "cve@mitre.org", "url": "https://www.synology.com/support/security/Synology_SA_17_53_SugarCRM"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}