CVE-2020-10780

{"id": "CVE-2020-10780", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 2.1}]}, "published": "2020-08-11T14:15:11.383", "references": [{"url": "https://access.redhat.com/security/cve/cve-2020-10780", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847794", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/cve-2020-10780", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847794", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-1236"}]}], "descriptions": [{"lang": "en", "value": "Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affects the application directly, attackers could use the loosely validated parameters to trigger several attack possibilities."}, {"lang": "es", "value": "Red Hat CloudForms versiones 4.7 y 5, est\u00e1 afectado por un fallo de inyecci\u00f3n CSV, una carga \u00fatil dise\u00f1ada permanece inactiva hasta que una v\u00edctima la exporta como CSV y abre el archivo con Excel. Una vez que la v\u00edctima abre el archivo, la f\u00f3rmula es ejecutada, desencadenando cualquier n\u00famero de posibles eventos. Si bien esto no es estrictamente un fallo que afecte directamente a una aplicaci\u00f3n, los atacantes podr\u00edan usar los par\u00e1metros poco comprobados para desencadenar varias posibilidades de ataque"}], "lastModified": "2024-11-21T04:56:03.447", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:cloudforms_management_engine:4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5B8649B-781F-4759-B16A-722CB4E083F5"}, {"criteria": "cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7098B44F-56BF-42E3-8831-48D0A8E99EE2"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}