CVE-2023-39424

{"id": "CVE-2023-39424", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve-requests@bitdefender.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-09-07T13:15:08.933", "references": [{"url": "https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained", "tags": ["Third Party Advisory"], "source": "cve-requests@bitdefender.com"}, {"url": "https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve-requests@bitdefender.com", "description": [{"lang": "en", "value": "CWE-74"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in\u00a0RDPngFileUpload.dll, as used in the\u00a0IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry the attack without having assigned credentials.\u00a0"}, {"lang": "es", "value": "Una vulnerabilidad en RDPngFileUpload.dll, como se usa en el sistema de reservas IRM Next Generation, permite a un atacante remoto cargar contenido arbitrario (como un componente de web shel) en la base de datos SQL y ejecutarlo con privilegios SYSTEM. Esta vulnerabilidad requiere que se aproveche la autenticaci\u00f3n, pero puede combinarse con otra vulnerabilidad en la plataforma (CVE-2023-39420, que otorga acceso a credenciales codificadas) para llevar a cabo el ataque sin tener credenciales asignadas. \n"}], "lastModified": "2024-11-21T08:15:24.047", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:resortdata:internet_reservation_module_next_generation:5.3.2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9D4E8D4-6E26-4EEE-BFB6-FA4BB522808C"}], "operator": "OR"}]}], "sourceIdentifier": "cve-requests@bitdefender.com"}