CVE-2019-5645

By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression. When evaluated, this malicious handler can either prevent new HTTP handler sessions from being established, or cause a resource exhaustion on the Metasploit server.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/rapid7/metasploit-framework/pull/12433	Patch Third Party Advisory
https://github.com/rapid7/metasploit-framework/pull/12433	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:rapid7:metasploit:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:45

Type	Values Removed	Values Added
References	~~() https://github.com/rapid7/metasploit-framework/pull/12433 - Patch, Third Party Advisory~~	() https://github.com/rapid7/metasploit-framework/pull/12433 - Patch, Third Party Advisory

Information

Published : 2020-09-01 15:15

Updated : 2024-11-21 04:45

NVD link : CVE-2019-5645

Mitre link : CVE-2019-5645

CVE.ORG link : CVE-2019-5645

JSON object : View

Products Affected

rapid7

metasploit

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2019-5645", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "cve@rapid7.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-09-01T15:15:11.983", "references": [{"url": "https://github.com/rapid7/metasploit-framework/pull/12433", "tags": ["Patch", "Third Party Advisory"], "source": "cve@rapid7.com"}, {"url": "https://github.com/rapid7/metasploit-framework/pull/12433", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve@rapid7.com", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression. When evaluated, this malicious handler can either prevent new HTTP handler sessions from being established, or cause a resource exhaustion on the Metasploit server."}, {"lang": "es", "value": "Mediante el env\u00edo de una petici\u00f3n GET HTTP especialmente dise\u00f1ada hacia un manejador HTTP de Rapid7 Metasploit que est\u00e9 escuchando, un atacante puede registrar una expresi\u00f3n regular arbitraria. Cuando se eval\u00faa, este manejador malicioso puede impedir que sean establecidas nuevas sesiones del manejador HTTP o causar un agotamiento de recursos en el servidor de Metasploit"}], "lastModified": "2024-11-21T04:45:17.867", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rapid7:metasploit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62D5D3F5-4DBD-423D-8EB6-7D0EAB0EDAEF", "versionEndIncluding": "5.0.27"}], "operator": "OR"}]}], "sourceIdentifier": "cve@rapid7.com"}