CVE-2020-15713

rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the sortBy parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database.

CVSS v3 8.8 HIGH
CVSS v2.0 6.5 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/184939	VDB Entry
https://www.rconfig.com/downloads/v3-release-notes	Release Notes Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/184939	VDB Entry
https://www.rconfig.com/downloads/v3-release-notes	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:rconfig:rconfig:3.9.5:*:*:*:*:*:*:*

History

21 Nov 2024, 05:06

Type	Values Removed	Values Added
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/184939 - VDB Entry~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/184939 - VDB Entry
References	~~() https://www.rconfig.com/downloads/v3-release-notes - Release Notes, Vendor Advisory~~	() https://www.rconfig.com/downloads/v3-release-notes - Release Notes, Vendor Advisory

Information

Published : 2020-07-28 14:15

Updated : 2024-11-21 05:06

NVD link : CVE-2020-15713

Mitre link : CVE-2020-15713

CVE.ORG link : CVE-2020-15713

JSON object : View

Products Affected

rconfig

rconfig

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2020-15713", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2020-07-28T14:15:13.203", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184939", "tags": ["VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.rconfig.com/downloads/v3-release-notes", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184939", "tags": ["VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.rconfig.com/downloads/v3-release-notes", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the sortBy parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database."}, {"lang": "es", "value": "rConfig versi\u00f3n 3.9.5, es vulnerable a una inyecci\u00f3n SQL. Un atacante autenticado remoto podr\u00eda enviar instrucciones SQL dise\u00f1adas hacia el script devices.php usando el par\u00e1metro sortBy, lo que podr\u00eda permitir al atacante visualizar, agregar, modificar o eliminar informaci\u00f3n en la base de datos del back-end"}], "lastModified": "2024-11-21T05:06:04.983", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rconfig:rconfig:3.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD07A09E-A9CF-4B07-9B5B-B1A606B3327E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}