{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-12T19:22:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13774", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/", "refsource": "MISC", "url": "https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:25:16.517Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13774", "datePublished": "2020-11-12T19:22:15", "dateReserved": "2020-06-02T00:00:00", "dateUpdated": "2024-08-04T12:25:16.517Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2019.1:*:*:*:*:*:*:*", "matchCriteriaId": "4BD9E4D7-899F-4CA4-A252-215F21DE7919", "vulnerable": true}, {"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2020.1:*:*:*:*:*:*:*", "matchCriteriaId": "B466D6DA-27D7-47F6-A97B-5E39DD385DB8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server."}, {"lang": "es", "value": "Un problema de carga de archivos sin restricciones en el archivo EditLaunchPadDialog.aspx en Ivanti Endpoint Manager versiones 2019.1 y 2020.1, permite a un atacante autenticado conseguir una ejecuci\u00f3n de c\u00f3digo remota cargando un archivo aspx malicioso. El problema es causado por una validaci\u00f3n de extensi\u00f3n de archivo insuficiente y operaciones de archivo no seguras en la imagen cargada, que tras el fallo dejar\u00e1n los archivos creados temporalmente en una ubicaci\u00f3n accesible en el servidor"}], "id": "CVE-2020-13774", "lastModified": "2024-11-21T05:01:49.847", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-12T20:15:16.017", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}