CVE-2019-7387 - OpenCVE

A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via the name parameter.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Systrome	Isg-600h Isg-600c Firmware Isg-800w Firmware Isg-600h Firmware Isg-600c Isg-800w

Configuration 1 [-]

AND

cpe:2.3:o:systrome:isg-600c_firmware:1.1-r2.1_trunk-20180914:*:*:*:*:*:*:*

cpe:2.3:h:systrome:isg-600c:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:systrome:isg-600h_firmware:1.1-r2.1_trunk-20180914:*:*:*:*:*:*:*

cpe:2.3:h:systrome:isg-600h:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:systrome:isg-800w_firmware:1.1-r2.1_trunk-20180914:*:*:*:*:*:*:*

cpe:2.3:h:systrome:isg-800w:-:*:*:*:*:*:*:*

References

Link	Resource
https://s3curityb3ast.github.io/KSA-Dev-004.md
https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-02-04T22:00:00

Updated: 2019-05-08T20:25:51

Reserved: 2019-02-04T00:00:00

Link: CVE-2019-7387

JSON object: View

NVD Information

Status : Modified

Published: 2019-02-04T22:29:00.393

Modified: 2019-05-08T21:29:08.477

Link: CVE-2019-7387

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via the name parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-05-08T20:25:51", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://s3curityb3ast.github.io/KSA-Dev-004.md"}, {"tags": ["x_refsource_MISC"], "url": "https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7387", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via the name parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://s3curityb3ast.github.io/KSA-Dev-004.md", "refsource": "MISC", "url": "https://s3curityb3ast.github.io/KSA-Dev-004.md"}, {"name": "https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html", "refsource": "MISC", "url": "https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-7387", "datePublished": "2019-02-04T22:00:00", "dateReserved": "2019-02-04T00:00:00", "dateUpdated": "2019-05-08T20:25:51", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:systrome:isg-600c_firmware:1.1-r2.1_trunk-20180914:*:*:*:*:*:*:*", "matchCriteriaId": "6A432A82-F0B8-4FA6-AF37-52223EABF84D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:systrome:isg-600c:-:*:*:*:*:*:*:*", "matchCriteriaId": "243A6566-F147-4570-8202-83EEED89E979", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:systrome:isg-600h_firmware:1.1-r2.1_trunk-20180914:*:*:*:*:*:*:*", "matchCriteriaId": "BC395883-1101-4835-83B5-B898BD5F7EC1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:systrome:isg-600h:-:*:*:*:*:*:*:*", "matchCriteriaId": "0028BB03-5133-438F-965D-D340ECC140A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:systrome:isg-800w_firmware:1.1-r2.1_trunk-20180914:*:*:*:*:*:*:*", "matchCriteriaId": "EFB2602D-0D41-49B2-92C1-FDC8D90DBC48", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:systrome:isg-800w:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FFDBA22-57B3-492A-9813-0C8591844C68", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via the name parameter."}, {"lang": "es", "value": "Existe una vulnerabilidad de inclusi\u00f3n de archivos locales en la interfaz web de los dispositivos Systrome Cumilon ISG-600C, ISG-600H y ISG-800W 1.1-R2.1_TRUNK-20180914.bin. Cuando se llama a la funci\u00f3n export desde system/maintenance/export.php, acepta la ruta proporcionada por el usuario, lo que conduce a un salto de directorio mediante el par\u00e1metro name."}], "id": "CVE-2019-7387", "lastModified": "2019-05-08T21:29:08.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-02-04T22:29:00.393", "references": [{"source": "cve@mitre.org", "url": "https://s3curityb3ast.github.io/KSA-Dev-004.md"}, {"source": "cve@mitre.org", "url": "https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}