CVE-2017-8794 - OpenCVE

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Accellion	File Transfer Appliance

Configuration 1 [-]

cpe:2.3:a:accellion:file_transfer_appliance:*:*:*:*:*:*:*:*

References

Link	Resource
https://gist.github.com/anonymous/32e2894fa29176f3f32cb2b2bb7c24cb	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-05-05T18:00:00

Updated: 2017-05-05T17:57:01

Reserved: 2017-05-05T00:00:00

Link: CVE-2017-8794

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-05-05T18:29:00.447

Modified: 2017-05-17T16:54:49.913

Link: CVE-2017-8794

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:accellion:file_transfer_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "D99C5134-1070-4615-A3C2-ED5F24D98D02", "versionEndIncluding": "9_12_40", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos Accellion FTA anteriores a FTA_9_12_180. Debido a una expresi\u00f3n regular (destinada a coincidir con las URL https locales) carece de un car\u00e1cter ^ inicial, courier/web/1000@/wmProgressval.html, que permite ataques SSRF con un archivo: ///etc/passwd#https:// patr\u00f3n de URL."}], "id": "CVE-2017-8794", "lastModified": "2017-05-17T16:54:49.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-05T18:29:00.447", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/anonymous/32e2894fa29176f3f32cb2b2bb7c24cb"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}