CVE-2020-9004

A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any read-only user to issue requests to the administration panel in order to change functionality. For example, a read-only user may activate the Java JMX port in unauthenticated mode and execute OS commands under root privileges. This issue was resolved in Wowza Streaming Engine 4.8.5.

CVSS v3 8.8 HIGH
CVSS v2.0 9.0 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-9004-Authenticated%20Remote%20Authorization%20Bypass%20Leading%20to%20RCE-Wowza	Exploit Third Party Advisory
https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2020-9004.txt	Third Party Advisory
https://www.wowza.com/docs/wowza-streaming-engine-4-8-5-release-notes	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-04-14 15:15

Updated : 2024-02-28 17:47

NVD link : CVE-2020-9004

Mitre link : CVE-2020-9004

CVE.ORG link : CVE-2020-9004

JSON object : View

Products Affected

wowza

streaming_engine

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2020-9004", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2020-04-14T15:15:13.353", "references": [{"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-9004-Authenticated%20Remote%20Authorization%20Bypass%20Leading%20to%20RCE-Wowza", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2020-9004.txt", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.wowza.com/docs/wowza-streaming-engine-4-8-5-release-notes", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any read-only user to issue requests to the administration panel in order to change functionality. For example, a read-only user may activate the Java JMX port in unauthenticated mode and execute OS commands under root privileges. This issue was resolved in Wowza Streaming Engine 4.8.5."}, {"lang": "es", "value": "Una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n autenticada remota en Wowza Streaming Engine versi\u00f3n 4.8.0 y anteriores permite a cualquier usuario de s\u00f3lo lectura emitir peticiones al panel de administraci\u00f3n para cambiar la funcionalidad. Por ejemplo, un usuario de s\u00f3lo lectura puede activar el puerto Java JMX en modo no autenticado y ejecutar comandos del Sistema Operativo con privilegios de root. Este problema se resolvi\u00f3 en Wowza Streaming Engine 4.8.5"}], "lastModified": "2022-05-03T14:06:14.813", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72870676-F760-48D9-8DA3-39D4C99C7BFE", "versionEndIncluding": "4.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}