CVE-2019-12180 - OpenCVE

An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the "Save Script" function, which is executed automatically when saving a project.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Smartbear	Readyapi Soapui

Configuration 1 [-]

OR	cpe:2.3:a:smartbear:readyapi::::::::
	cpe:2.3:a:smartbear:soapui::::::::

No data.

References

Link	Providers
https://lab.mediaservice.net/advisory/2020-04-readyapi-soapui.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-02-05T16:06:44

Updated: 2024-08-04T23:10:30.801Z

Reserved: 2019-05-19T00:00:00

Link: CVE-2019-12180

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-02-05T17:15:10.363

Modified: 2020-08-24T17:37:01.140

Link: CVE-2019-12180

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy \"Load Script\" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the \"Save Script\" function, which is executed automatically when saving a project."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-05T16:06:44", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lab.mediaservice.net/advisory/2020-04-readyapi-soapui.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12180", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy \"Load Script\" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the \"Save Script\" function, which is executed automatically when saving a project."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://lab.mediaservice.net/advisory/2020-04-readyapi-soapui.txt", "refsource": "MISC", "url": "https://lab.mediaservice.net/advisory/2020-04-readyapi-soapui.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:10:30.801Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lab.mediaservice.net/advisory/2020-04-readyapi-soapui.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12180", "datePublished": "2020-02-05T16:06:44", "dateReserved": "2019-05-19T00:00:00", "dateUpdated": "2024-08-04T23:10:30.801Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:smartbear:readyapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "8923E48C-A1B7-4C10-92BB-1ACF469B0D9D", "versionEndIncluding": "3.0.0", "versionStartIncluding": "2.8.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:smartbear:soapui:*:*:*:*:*:*:*:*", "matchCriteriaId": "1668E5CF-5AF5-421A-9EBE-5BC9E89C8551", "versionEndIncluding": "5.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy \"Load Script\" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the \"Save Script\" function, which is executed automatically when saving a project."}, {"lang": "es", "value": "Se detect\u00f3 un problema en SmartBear ReadyAPI versiones hasta 2.8.2 y 3.0.0 y SoapUI versiones hasta 5.5. Cuando se abre un proyecto, el \"Load Script\" de Groovy es ejecutado autom\u00e1ticamente. Esto permite a un atacante ejecutar un c\u00f3digo de Groovy Language arbitrario (lenguaje de scripting Java) sobre la m\u00e1quina v\u00edctima al inducirlo para abrir un Proyecto malicioso. El mismo problema est\u00e1 presente en la funci\u00f3n \"Save Script\", que es ejecutada autom\u00e1ticamente cuando se guarda un proyecto."}], "id": "CVE-2019-12180", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-05T17:15:10.363", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://lab.mediaservice.net/advisory/2020-04-readyapi-soapui.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}