CVE-2020-27994 - OpenCVE

SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Solarwinds	Serv-u

Configuration 1 [-]

cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2021/Feb/36	Exploit Mailing List Third Party Advisory
https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm	Release Notes Vendor Advisory
https://www.themissinglink.com.au/security-advisories-cve-2020-27994	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-02-03T15:51:50

Updated: 2021-02-12T18:06:16

Reserved: 2020-10-29T00:00:00

Link: CVE-2020-27994

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-03T16:15:13.273

Modified: 2021-02-18T15:26:35.543

Link: CVE-2020-27994

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-12T18:06:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.themissinglink.com.au/security-advisories-cve-2020-27994"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"}, {"name": "20210211 Path traversal in SolarWinds Serv-U File Server <=15.2.1", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2021/Feb/36"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-27994", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.themissinglink.com.au/security-advisories-cve-2020-27994", "refsource": "MISC", "url": "https://www.themissinglink.com.au/security-advisories-cve-2020-27994"}, {"name": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm", "refsource": "CONFIRM", "url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"}, {"name": "20210211 Path traversal in SolarWinds Serv-U File Server <=15.2.1", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Feb/36"}, {"name": "http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-27994", "datePublished": "2021-02-03T15:51:50", "dateReserved": "2020-10-29T00:00:00", "dateUpdated": "2021-02-12T18:06:16", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "B87891C6-CFA7-42B6-9EB8-B313B08D6266", "versionEndExcluding": "15.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal."}, {"lang": "es", "value": "SolarWinds Serv-U versiones anteriores a 15.2.2, permite un Salto de Directorio autenticado"}], "id": "CVE-2020-27994", "lastModified": "2021-02-18T15:26:35.543", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-03T16:15:13.273", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Feb/36"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.themissinglink.com.au/security-advisories-cve-2020-27994"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}