CVE-2017-6398

{"id": "CVE-2017-6398", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2017-03-14T09:59:00.363", "references": [{"url": "http://www.securityfocus.com/bid/96859", "source": "cve@mitre.org"}, {"url": "https://www.rapid7.com/db/modules/exploit/linux/http/trend_micro_imsva_exec", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/96859", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.rapid7.com/db/modules/exploit/linux/http/trend_micro_imsva_exec", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}, {"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator credentials. The saveCert.imss endpoint takes several user inputs and performs blacklisting. After that, it uses them as arguments to a predefined operating-system command without proper sanitization. However, because of an improper blacklisting rule, it's possible to inject arbitrary commands into it."}, {"lang": "es", "value": "Se ha descubierto un problema en Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. Un usuario autenticado puede ejecutar un comando terminal en el contexto del usuario del servidor web (que es root). Adem\u00e1s, la instalaci\u00f3n prederteminada de IMSVA viene con credenciales de administrador predeterminadas. El punto final saveCert.imss toma varias entradas de usuario y realiza listas negras. Despu\u00e9s de esto, los utiliza como argumentos para un comando predefinido del sistema operativo sin la apropiada desinfecci\u00f3n. Sin embargo, debido a una regla de lista negra incorrecta, es posible inyectar comandos arbitrarios en \u00e9l."}], "lastModified": "2024-11-21T03:29:41.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.1-1600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75281083-D5B3-4223-8446-011DF492D762"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}