CVE-2020-15188 - OpenCVE

SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Brassica	Soy Cms

Configuration 1 [-]

cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/inunosinsi/soycms/issues/10
https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020
https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp
https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-09-18T17:05:18

Updated: 2024-08-04T13:08:22.678Z

Reserved: 2020-06-25T00:00:00

Link: CVE-2020-15188

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-09-18T17:15:12.503

Modified: 2020-09-29T14:04:43.257

Link: CVE-2020-15188

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "soycms", "vendor": "inunosinsi", "versions": [{"status": "affected", "version": "< 3.0.2.328"}]}], "descriptions": [{"lang": "en", "value": "SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "{\"CWE-502\":\"Deserialization of Untrusted Data\"}", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-18T17:05:18", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/issues/10"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020"}, {"tags": ["x_refsource_MISC"], "url": "https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be"}], "source": {"advisory": "GHSA-hrrx-m22r-p9jp", "discovery": "UNKNOWN"}, "title": "Unauthenticated Remote Code Execution in SOY CMS", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15188", "STATE": "PUBLIC", "TITLE": "Unauthenticated Remote Code Execution in SOY CMS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "soycms", "version": {"version_data": [{"version_value": "< 3.0.2.328"}]}}]}, "vendor_name": "inunosinsi"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "{\"CWE-502\":\"Deserialization of Untrusted Data\"}"}]}]}, "references": {"reference_data": [{"name": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp", "refsource": "CONFIRM", "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp"}, {"name": "https://github.com/inunosinsi/soycms/issues/10", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/issues/10"}, {"name": "https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020"}, {"name": "https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be", "refsource": "MISC", "url": "https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be"}]}, "source": {"advisory": "GHSA-hrrx-m22r-p9jp", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:08:22.678Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/issues/10"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15188", "datePublished": "2020-09-18T17:05:18", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.678Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE978394-A82D-43E0-AE72-36ABB7FBB3F9", "versionEndExcluding": "3.0.2.328", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328."}, {"lang": "es", "value": "SOY CMS versiones 3.0.2.327 y anteriores, est\u00e1n afectadas por una Ejecuci\u00f3n de C\u00f3digo Remota (RCE) No Autenticado. El permite a atacantes remotos ejecutar cualquier c\u00f3digo arbitrario cuando la funcionalidad inquiry form es habilitada por el servicio. La vulnerabilidad es causada por la deserializaci\u00f3n del formulario sin restricciones. Esto se corrigi\u00f3 en versi\u00f3n 3.0.2.328"}], "id": "CVE-2020-15188", "lastModified": "2020-09-29T14:04:43.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2020-09-18T17:15:12.503", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/issues/10"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "security-advisories@github.com", "type": "Primary"}]}