CVE-2019-12311

{"id": "CVE-2019-12311", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2019-11-18T19:15:12.763", "references": [{"url": "http://seclists.org/fulldisclosure/2019/Nov/9", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://medium.com/insidersec0x42/centraleyezer-unrestricted-file-upload-cve-2019-12311-7cad12e95165", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded."}, {"lang": "es", "value": "Sandline Centraleyezer (On Premises) permite una Carga de Archivos Sin Restricciones conllevando a una vulnerabilidad de tipo XSS Almacenado. Una p\u00e1gina HTML que ejecuta un script podr\u00eda ser cargada en el servidor. Cuando una v\u00edctima intenta descargar una plantilla desde un Reporte de CISO, el script es cargado."}], "lastModified": "2019-11-21T14:43:16.847", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sandline:centraleyezer:-:*:*:*:on_premise:*:*:*", "vulnerable": true, "matchCriteriaId": "99536FD5-AF64-4F7F-9685-CE153565398B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}