nvd-json-data-feeds/CVE-2020/CVE-2020-118xx/CVE-2020-11818.json

{
  "id": "CVE-2020-11818",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2020-04-16T19:15:27.400",
  "lastModified": "2024-11-21T04:58:41.757",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Rukovoditel 2.5.2 has a form_session_token value to prevent CSRF attacks. This protection mechanism can be bypassed with another user's valid token. Thus, an attacker can change the Admin password by using a CSRF attack and escalate his/her privileges."
    },
    {
      "lang": "es",
      "value": "En Rukovoditel versi\u00f3n 2.5.2, tiene un valor de form_session_token para impedir ataques CSRF. Este mecanismo de protecci\u00f3n se puede omitir con el token v\u00e1lido de otro usuario. Por lo tanto, un atacante puede cambiar la contrase\u00f1a de administrador mediante un ataque CSRF y escalar sus privilegios."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "baseScore": 6.8,
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:rukovoditel:rukovoditel:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81A85799-5B8E-4BAC-8E77-AA8E15BEDAD4"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-csrf-bypass-privilege.html",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-csrf-bypass-privilege.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}