CVE-2019-17551

In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an attacker can send an authenticated POST request with a malicious payload to /WFS/agreementView.faces allowing a stored XSS via the mainForm:loanNotesnotes:0:rich_text_editor_note_text parameter in the Notes section. Although versions 6.31.8.3 and 6.31.8.5 are confirmed to be affected, all versions with the vulnerable WYSIWYG editor in the Notes section are likely affected.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.apakgroup.com/products/wholesale-floorplanning-finance/	Product
https://www.cybersecurity-help.cz/vdb/SB2019103106?affChecked=1	Third Party Advisory
https://www2.deloitte.com/de/de/pages/risk/articles/wholesale-finance-xss.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apakgroup:wholesale_floorplanning_finance:6.31.8.3:::::::*
	cpe:2.3:a:apakgroup:wholesale_floorplanning_finance:6.31.8.5:::::::*

History

No history.

Information

Published : 2019-10-31 03:15

Updated : 2024-02-28 17:28

NVD link : CVE-2019-17551

Mitre link : CVE-2019-17551

CVE.ORG link : CVE-2019-17551

JSON object : View

Products Affected

apakgroup

wholesale_floorplanning_finance

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2019-17551", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2019-10-31T03:15:11.777", "references": [{"url": "https://www.apakgroup.com/products/wholesale-floorplanning-finance/", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.cybersecurity-help.cz/vdb/SB2019103106?affChecked=1", "tags": ["Third Party Advisory"], "source": "nvd@nist.gov"}, {"url": "https://www2.deloitte.com/de/de/pages/risk/articles/wholesale-finance-xss.html", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an attacker can send an authenticated POST request with a malicious payload to /WFS/agreementView.faces allowing a stored XSS via the mainForm:loanNotesnotes:0:rich_text_editor_note_text parameter in the Notes section. Although versions 6.31.8.3 and 6.31.8.5 are confirmed to be affected, all versions with the vulnerable WYSIWYG editor in the Notes section are likely affected."}, {"lang": "es", "value": "En Apak Wholesale Floorplanning Finance versiones 6.31.8.3 y 6.31.8.5, un atacante puede enviar una petici\u00f3n POST autenticada con una carga \u00fatil maliciosa a /WFS/agreementView.faces que permite un XSS almacenado a mediante el par\u00e1metro mainForm:loanNotesnotes:0:rich_text_editor_note_text en la secci\u00f3n de Notes. Si bien se confirma que las versiones 6.31.8.3 y 6.31.8.5 est\u00e1n afectadas, todas las versiones con la secci\u00f3n \"Notes\" de WYSIWYG vulnerable probablemente est\u00e1n afectadas."}], "lastModified": "2019-11-07T20:15:10.903", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apakgroup:wholesale_floorplanning_finance:6.31.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F071E13C-50B8-46CD-9526-DD85C5941C7D"}, {"criteria": "cpe:2.3:a:apakgroup:wholesale_floorplanning_finance:6.31.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1423503C-62EA-4989-9876-75674B98B871"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}