CVE-2018-7718 - OpenCVE

An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest attack approach is for the attacker to intercept their own password-change request and modify the username before the request reaches the server. Also, changing a victim's email address can have a similar account-takeover consequence.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Telexy	Qpath

Configuration 1 [-]

cpe:2.3:a:telexy:qpath:5.4.462:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-11-08T21:00:00

Updated: 2024-08-05T06:31:05.258Z

Reserved: 2018-03-05T00:00:00

Link: CVE-2018-7718

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-11-08T21:29:00.200

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-7718

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-11-08T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest attack approach is for the attacker to intercept their own password-change request and modify the username before the request reaches the server. Also, changing a victim's email address can have a similar account-takeover consequence."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-08T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-7718", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest attack approach is for the attacker to intercept their own password-change request and modify the username before the request reaches the server. Also, changing a victim's email address can have a similar account-takeover consequence."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf", "refsource": "MISC", "url": "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:31:05.258Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-7718", "datePublished": "2018-11-08T21:00:00", "dateReserved": "2018-03-05T00:00:00", "dateUpdated": "2024-08-05T06:31:05.258Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:telexy:qpath:5.4.462:*:*:*:*:*:*:*", "matchCriteriaId": "9F83FB2A-A834-4F78-B8CD-1A789519B863", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest attack approach is for the attacker to intercept their own password-change request and modify the username before the request reaches the server. Also, changing a victim's email address can have a similar account-takeover consequence."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Telexy QPath 5.4.462. Un usuario autentificado con bajos privilegios que proporcione una petici\u00f3n serializada especialmente dise\u00f1ada a AdanitDataService.svc puede modificar la informaci\u00f3n del usuario, incluyendo pero no limit\u00e1ndose a la direcci\u00f3n de correo electr\u00f3nico, el nombre de usuario y la contrase\u00f1a de otras cuentas de usuario. El m\u00e9todo de ataque m\u00e1s sencillo es que el atacante intercepte su propia solicitud de cambio de contrase\u00f1a y modifique el nombre de usuario antes de que la solicitud llegue al servidor. Adem\u00e1s, cambiar la direcci\u00f3n de correo electr\u00f3nico de una v\u00edctima puede tener una consecuencia similar: la apropiaci\u00f3n de la cuenta."}], "id": "CVE-2018-7718", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-08T21:29:00.200", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}