CVE-2020-8983 - OpenCVE

Vendors	Products
Citrix	Sharefile Storagezones Controller

Link	Resource
https://drive.google.com/file/d/15iy6S8CN9Hku0a2zrcrXK9FAocmQvMwT/view?usp=sharing
https://support.citrix.com/article/CTX269106	Vendor Advisory
https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-05-15T19:34:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.citrix.com/article/CTX269106"}, {"tags": ["x_refsource_MISC"], "url": "https://drive.google.com/file/d/15iy6S8CN9Hku0a2zrcrXK9FAocmQvMwT/view?usp=sharing"}, {"tags": ["x_refsource_MISC"], "url": "https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8983", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://support.citrix.com/article/CTX269106", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX269106"}, {"name": "https://drive.google.com/file/d/15iy6S8CN9Hku0a2zrcrXK9FAocmQvMwT/view?usp=sharing", "refsource": "MISC", "url": "https://drive.google.com/file/d/15iy6S8CN9Hku0a2zrcrXK9FAocmQvMwT/view?usp=sharing"}, {"name": "https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/", "refsource": "MISC", "url": "https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8983", "datePublished": "2020-05-07T13:57:03", "dateReserved": "2020-02-13T00:00:00", "dateUpdated": "2020-05-15T19:34:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:citrix:sharefile_storagezones_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3CDF2EB6-BDE8-42F1-AE12-3370B3CBC053", "versionEndIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:sharefile_storagezones_controller:5.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C78467E3-DBB4-4C65-A80A-5482B95AD0A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:sharefile_storagezones_controller:5.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "EFBF1D87-DB8B-4F4A-9EDE-A73428734361", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:sharefile_storagezones_controller:5.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "17B1B70C-376C-456A-A335-E23A0E922ECE", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:sharefile_storagezones_controller:5.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90EDDA18-9157-4408-9C8D-92B242312950", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982."}, {"lang": "es", "value": "Existe un problema de escritura arbitraria de archivos en todas las versiones del controlador Citrix ShareFile StorageZones (tambi\u00e9n conocido como zonas de almacenamiento), incluidas las versiones m\u00e1s recientes de 5.10.x a partir de mayo de 2020, que permite la ejecuci\u00f3n remota de c\u00f3digo. El acceso a archivos y RCE se otorga a todo lo alojado por ShareFile, ya sea en las instalaciones o dentro de Citrix Cloud (ambos est\u00e1n orientados a Internet). NOTA: a diferencia de la mayor\u00eda de los CVE, la capacidad de explotaci\u00f3n depende de la versi\u00f3n del producto que estaba en uso cuando se realiz\u00f3 un paso de configuraci\u00f3n particular, NO de la versi\u00f3n del producto que est\u00e1 en uso durante una evaluaci\u00f3n actual del inventario de productos de un consumidor de CVE. Espec\u00edficamente, la vulnerabilidad puede explotarse si una de estas versiones del producto cre\u00f3 una zona de almacenamiento: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0 o anterior. Este CVE difiere de CVE-2020-7473 y CVE-2020-8982."}], "id": "CVE-2020-8983", "lastModified": "2020-05-15T20:15:14.577", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-07T14:15:12.057", "references": [{"source": "cve@mitre.org", "url": "https://drive.google.com/file/d/15iy6S8CN9Hku0a2zrcrXK9FAocmQvMwT/view?usp=sharing"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://support.citrix.com/article/CTX269106"}, {"source": "cve@mitre.org", "url": "https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

JSON object

JSON object

JSON object