CVE-2020-13695 - OpenCVE

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Quickbox	Quickbox

Configuration 1 [-]

cpe:2.3:a:quickbox:quickbox:*:*:*:*:community:*:*:*

Configuration 2 [-]

cpe:2.3:a:quickbox:quickbox:*:*:*:*:pro:*:*:*

References

Link	Resource
https://s1gh.sh/cve-2020-13448-quickbox-authenticated-rce/	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-01T17:45:16

Updated: 2020-06-01T17:45:16

Reserved: 2020-05-29T00:00:00

Link: CVE-2020-13695

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-01T18:15:11.003

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-13695

JSON object: View

Redhat Information

No data.

CWE

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:quickbox:quickbox:*:*:*:*:community:*:*:*", "matchCriteriaId": "8EFF18BD-022D-4EEB-A8E8-121DC1224A87", "versionEndIncluding": "2.5.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:quickbox:quickbox:*:*:*:*:pro:*:*:*", "matchCriteriaId": "BADFB282-D8D4-4084-8337-E5376A2E3C3E", "versionEndIncluding": "2.1.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file."}, {"lang": "es", "value": "En QuickBox Community Edition versiones hasta 2.5.5 y Pro Edition versiones hasta 2.1.8, el usuario local www-data contiene privilegios sudo para ejecutar grep como root sin una contrase\u00f1a, lo que permite a un atacante obtener informaci\u00f3n confidencial por medio de un grep de un archivo /root/*.db o /etc/shadow."}], "id": "CVE-2020-13695", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-01T18:15:11.003", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://s1gh.sh/cve-2020-13448-quickbox-authenticated-rce/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}, {"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}