CVE-2020-11016 - Vulnerability Details - OpenCVE

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue to execute arbitrary code with the privileges of the webserver. Version 2.1.1 fixes the vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.01367.

Key SSVC decision points have not yet been added.

Vendors	Products
Intelmq Manager Project	Intelmq Manager

Configuration 1 [-]

cpe:2.3:a:intelmq_manager_project:intelmq_manager:*:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013
https://github.com/certtools/intelmq-manager/releases/tag/2.1.1
https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2
https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-04-30T22:25:18

Updated: 2024-08-04T11:21:14.379Z

Reserved: 2020-03-30T00:00:00

Link: CVE-2020-11016

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-04-30T23:15:11.403

Modified: 2024-11-21T04:56:35.323

Link: CVE-2020-11016

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "IntelMQ Manager", "vendor": "certtools", "versions": [{"status": "affected", "version": ">= 1.1.0, < 2.1.1"}]}], "descriptions": [{"lang": "en", "value": "IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the \"send\" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue to execute arbitrary code with the privileges of the webserver. Version 2.1.1 fixes the vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-04-30T22:25:17", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/certtools/intelmq-manager/releases/tag/2.1.1"}, {"tags": ["x_refsource_MISC"], "url": "https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html"}], "source": {"advisory": "GHSA-rrhh-rcgp-q2m2", "discovery": "UNKNOWN"}, "title": "Remote code execution in Message sending functionality in IntelMQ Manager", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-11016", "STATE": "PUBLIC", "TITLE": "Remote code execution in Message sending functionality in IntelMQ Manager"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "IntelMQ Manager", "version": {"version_data": [{"version_value": ">= 1.1.0, < 2.1.1"}]}}]}, "vendor_name": "certtools"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the \"send\" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue to execute arbitrary code with the privileges of the webserver. Version 2.1.1 fixes the vulnerability."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2", "refsource": "CONFIRM", "url": "https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2"}, {"name": "https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013", "refsource": "MISC", "url": "https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013"}, {"name": "https://github.com/certtools/intelmq-manager/releases/tag/2.1.1", "refsource": "MISC", "url": "https://github.com/certtools/intelmq-manager/releases/tag/2.1.1"}, {"name": "https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html", "refsource": "MISC", "url": "https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html"}]}, "source": {"advisory": "GHSA-rrhh-rcgp-q2m2", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:21:14.379Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/certtools/intelmq-manager/releases/tag/2.1.1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-11016", "datePublished": "2020-04-30T22:25:18", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2024-08-04T11:21:14.379Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intelmq_manager_project:intelmq_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "86C918B9-EE1D-4FDB-8FEE-F45DC024650B", "versionEndExcluding": "2.1.1", "versionStartIncluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the \"send\" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue to execute arbitrary code with the privileges of the webserver. Version 2.1.1 fixes the vulnerability."}, {"lang": "es", "value": "IntelMQ Manager desde la versi\u00f3n 1.1.0 y anteriores a la versi\u00f3n 2.1.1, presenta una vulnerabilidad en la que el backend maneja incorrectamente los mensajes proporcionados por la entrada del usuario en la funcionalidad \"send\" de la herramienta de inspecci\u00f3n del componente Monitor. Un atacante con acceso a IntelMQ Manager, podr\u00eda posiblemente usar este problema para ejecutar c\u00f3digo arbitrario con los privilegios del webserver. La versi\u00f3n 2.1.1 corrige la vulnerabilidad."}], "id": "CVE-2020-11016", "lastModified": "2024-11-21T04:56:35.323", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 5.3, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-30T23:15:11.403", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/certtools/intelmq-manager/releases/tag/2.1.1"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/certtools/intelmq-manager/commit/b9a2ac43a4f99d764b827108f6a99dc4a9faa013"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/certtools/intelmq-manager/releases/tag/2.1.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/certtools/intelmq-manager/security/advisories/GHSA-rrhh-rcgp-q2m2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.cert.at/pipermail/intelmq-users/2020-April/000161.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}