CVE-2019-17221

{"id": "CVE-2019-17221", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-11-05T14:15:13.537", "references": [{"url": "https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed."}, {"lang": "es", "value": "PhantomJS versiones hasta la versi\u00f3n 2.1.1, tiene una vulnerabilidad de lectura de archivos arbitraria, como es demostrado por un XMLHttpRequest para un URI file:// . La vulnerabilidad existe en la funci\u00f3n page.open() del m\u00f3dulo webpage, que carga una URL espec\u00edfica y llama a una devoluci\u00f3n de llamada determinada. Un atacante puede suministrar un archivo HTML especialmente dise\u00f1ado, como entrada del usuario, lo que permite leer archivos arbitrarios en el sistema de archivos. Por ejemplo, si la funci\u00f3n page.render() es la funci\u00f3n de devoluci\u00f3n de llamada, esto genera un PDF o una imagen del archivo de destino. NOTA: este producto ya no es desarrollado."}], "lastModified": "2024-11-21T04:31:53.447", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phantomjs:phantomjs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CED6EEC7-D449-4A55-B3D8-1275FFDFACA8", "versionEndIncluding": "2.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}