CVE-2020-28328

{"id": "CVE-2020-28328", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2020-11-06T19:15:14.143", "references": [{"url": "http://packetstormsecurity.com/files/159937/SuiteCRM-7.11.15-Remote-Code-Execution.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/162975/SuiteCRM-Log-File-Remote-Code-Execution.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/165001/SuiteCRM-7.11.18-Remote-Code-Execution.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://github.com/mcorybillington/SuiteCRM-RCE", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://suitecrm.com/suitecrm-7-11-17-7-10-28-lts-versions-released/", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled .php file under the web root."}, {"lang": "es", "value": "SuiteCRM versiones anteriores a 7.11.17 es vulnerable a una ejecuci\u00f3n de c\u00f3digo remota por medio de la configuraci\u00f3n Log File Name de los ajustes de sistema. En determinadas circunstancias involucra la toma de control de la cuenta de administrador, la funci\u00f3n logger_file_name puede referirse a un archivo .php controlado por el atacante en la web root"}], "lastModified": "2021-12-02T19:23:31.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "099F9A06-77B4-4F2C-9E71-7B8B5BEF418F", "versionEndExcluding": "7.11.17"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}