admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-431xx/CVE-2021-43176.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

120 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-43176",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2021-12-07T18:15:07.043",
"lastModified": "2021-12-09T17:46:09.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied \u201caction\u201d parameter and appends a .php file extension to locate and load the correct PHP file to implement the API call. Vulnerable versions of GOautodial do not sanitize the user input that specifies the action. This permits an attacker to execute any PHP source file with a .php extension that is present on the disk and readable by the GOautodial web server process. Combined with CVE-2021-43175, it is possible for the attacker to do this without valid credentials. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
},
{
"lang": "es",
"value": "La API de GOautodial anterior al commit 3c3a979 realizado el 13 de octubre de 2021 toma un par\u00e1metro \"action\" proporcionado por el usuario y a\u00f1ade una extensi\u00f3n de archivo .php para localizar y cargar el archivo PHP correcto para implementar la llamada a la API. Las versiones vulnerables de GOautodial no sanean la entrada del usuario que especifica la acci\u00f3n. Esto permite a un atacante ejecutar cualquier archivo fuente PHP con una extensi\u00f3n .php que est\u00e9 presente en el disco y sea legible por el proceso del servidor web GOautodial. Combinado con CVE-2021-43175, es posible que el atacante haga esto sin credenciales v\u00e1lidas. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goautodial:goautodial:4:*:*:*:*:*:*:*",
"matchCriteriaId": "34D620FB-064A-42A2-9222-398A95B85275"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goautodial:goautodial_api:2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A227C38-0641-4F76-A524-DDE8A5FAB2C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.synopsys.com/blogs/software-security/cyrc-advisory-goautodial-vulnerabilities",
"source": "disclosure@synopsys.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink