CVE-2020-15189 - OpenCVE

SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Brassica	Soy Cms

Configuration 1 [-]

cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/inunosinsi/soycms/issues/9	Exploit Mitigation Third Party Advisory
https://github.com/inunosinsi/soycms/pull/14	Patch Third Party Advisory
https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59	Patch Third Party Advisory
https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433	Third Party Advisory
https://youtu.be/FWIDFNXmr9g	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-09-18T17:20:16

Updated: 2020-09-18T17:20:15

Reserved: 2020-06-25T00:00:00

Link: CVE-2020-15189

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-09-18T18:15:16.863

Modified: 2020-09-29T16:17:05.277

Link: CVE-2020-15189

JSON object: View

Redhat Information

No data.

CWE

CWE-434

{"containers": {"cna": {"affected": [{"product": "soycms", "vendor": "inunosinsi", "versions": [{"status": "affected", "version": "< 3.0.2.328"}]}], "descriptions": [{"lang": "en", "value": "SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "{\"CWE-434\":\"Unrestricted Upload of File with Dangerous Type\"}", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-18T17:20:15", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"tags": ["x_refsource_MISC"], "url": "https://youtu.be/FWIDFNXmr9g"}], "source": {"advisory": "GHSA-6r2f-p68g-m433", "discovery": "UNKNOWN"}, "title": "Remote Code Execution in SOY CMS", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15189", "STATE": "PUBLIC", "TITLE": "Remote Code Execution in SOY CMS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "soycms", "version": {"version_data": [{"version_value": "< 3.0.2.328"}]}}]}, "vendor_name": "inunosinsi"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "{\"CWE-434\":\"Unrestricted Upload of File with Dangerous Type\"}"}]}]}, "references": {"reference_data": [{"name": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433", "refsource": "CONFIRM", "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"name": "https://github.com/inunosinsi/soycms/issues/9", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"name": "https://github.com/inunosinsi/soycms/pull/14", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"name": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"name": "https://youtu.be/FWIDFNXmr9g", "refsource": "MISC", "url": "https://youtu.be/FWIDFNXmr9g"}]}, "source": {"advisory": "GHSA-6r2f-p68g-m433", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15189", "datePublished": "2020-09-18T17:20:16", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2020-09-18T17:20:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE978394-A82D-43E0-AE72-36ABB7FBB3F9", "versionEndExcluding": "3.0.2.328", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328."}, {"lang": "es", "value": "SOY CMS versiones 3.0.2 y anteriores, est\u00e1n afectadas por una Ejecuci\u00f3n de C\u00f3digo Remota (RCE) usando una Carga de Archivos Sin Restricciones. La vulnerabilidad de tipo Cross-Site Scripting (XSS) que fue usada en el CVE-2020-15183 puede ser usada para aumentar el impacto al redireccionar el administrador para que acceda a una p\u00e1gina especialmente dise\u00f1ada. Esta vulnerabilidad es causada por una configuraci\u00f3n no segura en elFinder. Esto es corregido en la versi\u00f3n 3.0.2.328"}], "id": "CVE-2020-15189", "lastModified": "2020-09-29T16:17:05.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2020-09-18T18:15:16.863", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://youtu.be/FWIDFNXmr9g"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security-advisories@github.com", "type": "Primary"}]}