CVE-2020-25802 - OpenCVE

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Craftercms	Studio

Configuration 1 [-]

OR	cpe:2.3:a:craftercms:studio::::::::
	cpe:2.3:a:craftercms:studio::::::::

References

Link	Resource
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: crafter

Published: 2020-08-01T00:00:00

Updated: 2020-10-06T14:09:25

Reserved: 2020-09-22T00:00:00

Link: CVE-2020-25802

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-10-06T14:15:12.823

Modified: 2020-10-09T19:02:53.970

Link: CVE-2020-25802

JSON object: View

Redhat Information

No data.

CWE

CWE-913

{"containers": {"cna": {"affected": [{"product": "Crafter CMS", "vendor": "Crafter Software", "versions": [{"lessThan": "3.0.27", "status": "affected", "version": "3.0", "versionType": "custom"}, {"lessThan": "3.1.7", "status": "affected", "version": "3.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Kai Zhao (ToTU Security Team)"}], "datePublic": "2020-08-01T00:00:00", "descriptions": [{"lang": "en", "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-913", "description": "CWE-913 Improper Control of Dynamically-Managed Code Resources", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-10-06T14:09:25", "orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd", "shortName": "crafter"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101"}], "source": {"discovery": "EXTERNAL"}, "title": "Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting.", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@craftersoftware.com", "DATE_PUBLIC": "2020-08-01T15:47:00.000Z", "ID": "CVE-2020-25802", "STATE": "PUBLIC", "TITLE": "Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Crafter CMS", "version": {"version_data": [{"version_affected": "<", "version_name": "3.0", "version_value": "3.0.27"}, {"version_affected": "<", "version_name": "3.1", "version_value": "3.1.7"}]}}]}, "vendor_name": "Crafter Software"}]}}, "credit": [{"lang": "eng", "value": "Kai Zhao (ToTU Security Team)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"}]}]}, "references": {"reference_data": [{"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101", "refsource": "MISC", "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd", "assignerShortName": "crafter", "cveId": "CVE-2020-25802", "datePublished": "2020-08-01T00:00:00", "dateReserved": "2020-09-22T00:00:00", "dateUpdated": "2020-10-06T14:09:25", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:craftercms:studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "3160EEDD-DE23-40B7-AE9C-3EEAA6046667", "versionEndExcluding": "3.0.27", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:craftercms:studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AB816B9-6F7B-4092-ACDF-689BE6F42285", "versionEndExcluding": "3.1.7", "versionStartIncluding": "3.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."}, {"lang": "es", "value": "Una vulnerabilidad de Control Inapropiado de Recursos de C\u00f3digo Administrado Din\u00e1micamente en Crafter Studio de Crafter CMS, permite a desarrolladores autenticados ejecutar comandos de Sistema Operativo por medio de scripting Groovy. Este problema afecta a: Crafter Software Crafter CMS versiones 3.0 anteriores a 3.0.27; versiones 3.1 anteriores a 3.1.7"}], "id": "CVE-2020-25802", "lastModified": "2020-10-09T19:02:53.970", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "security@craftersoftware.com", "type": "Secondary"}]}, "published": "2020-10-06T14:15:12.823", "references": [{"source": "security@craftersoftware.com", "tags": ["Vendor Advisory"], "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101"}], "sourceIdentifier": "security@craftersoftware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-913"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-913"}], "source": "security@craftersoftware.com", "type": "Secondary"}]}