CVE-2019-10777 - OpenCVE

In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands to the "zipCmd" used within "config.FunctionName".

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Amazon	Aws Lambda

Configuration 1 [-]

cpe:2.3:a:amazon:aws_lambda:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://snyk.io/vuln/SNYK-JS-AWSLAMBDA-540839

History

No history.

MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2020-01-08T16:13:33

Updated: 2024-08-04T22:32:01.597Z

Reserved: 2019-04-03T00:00:00

Link: CVE-2019-10777

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-01-08T17:15:10.977

Modified: 2021-05-10T16:28:31.283

Link: CVE-2019-10777

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "aws-lambda", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions prior to version 1.0.5"}]}], "descriptions": [{"lang": "en", "value": "In aws-lambda versions prior to version 1.0.5, the \"config.FunctioName\" is used to construct the argument used within the \"exec\" function without any sanitization. It is possible for a user to inject arbitrary commands to the \"zipCmd\" used within \"config.FunctionName\"."}], "problemTypes": [{"descriptions": [{"description": "Command Injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-08T16:13:33", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://snyk.io/vuln/SNYK-JS-AWSLAMBDA-540839"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "report@snyk.io", "ID": "CVE-2019-10777", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "aws-lambda", "version": {"version_data": [{"version_value": "All versions prior to version 1.0.5"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In aws-lambda versions prior to version 1.0.5, the \"config.FunctioName\" is used to construct the argument used within the \"exec\" function without any sanitization. It is possible for a user to inject arbitrary commands to the \"zipCmd\" used within \"config.FunctionName\"."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://snyk.io/vuln/SNYK-JS-AWSLAMBDA-540839", "refsource": "CONFIRM", "url": "https://snyk.io/vuln/SNYK-JS-AWSLAMBDA-540839"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:32:01.597Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://snyk.io/vuln/SNYK-JS-AWSLAMBDA-540839"}]}]}, "cveMetadata": {"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2019-10777", "datePublished": "2020-01-08T16:13:33", "dateReserved": "2019-04-03T00:00:00", "dateUpdated": "2024-08-04T22:32:01.597Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amazon:aws_lambda:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FED6498-8210-4EA6-8B8F-F57332D6188D", "versionEndExcluding": "1.0.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In aws-lambda versions prior to version 1.0.5, the \"config.FunctioName\" is used to construct the argument used within the \"exec\" function without any sanitization. It is possible for a user to inject arbitrary commands to the \"zipCmd\" used within \"config.FunctionName\"."}, {"lang": "es", "value": "En aws-lambda versiones anteriores a la versi\u00f3n 1.0.5, el \"config.FunctioName\" es usado para construir el argumento utilizado dentro de la funci\u00f3n \"exec\" sin ning\u00fan saneamiento. Es posible que un usuario inyecte comandos arbitrarios en el \"zipCmd\" usado dentro de \"config.FunctionName\"."}], "id": "CVE-2019-10777", "lastModified": "2021-05-10T16:28:31.283", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-08T17:15:10.977", "references": [{"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://snyk.io/vuln/SNYK-JS-AWSLAMBDA-540839"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}