CVE-2020-15189 - OpenCVE

SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Brassica	Soy Cms

Configuration 1 [-]

cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/inunosinsi/soycms/issues/9
https://github.com/inunosinsi/soycms/pull/14
https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59
https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433
https://youtu.be/FWIDFNXmr9g

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-09-18T17:20:16

Updated: 2024-08-04T13:08:22.649Z

Reserved: 2020-06-25T00:00:00

Link: CVE-2020-15189

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-09-18T18:15:16.863

Modified: 2020-09-29T16:17:05.277

Link: CVE-2020-15189

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "soycms", "vendor": "inunosinsi", "versions": [{"status": "affected", "version": "< 3.0.2.328"}]}], "descriptions": [{"lang": "en", "value": "SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "{\"CWE-434\":\"Unrestricted Upload of File with Dangerous Type\"}", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-18T17:20:15", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"tags": ["x_refsource_MISC"], "url": "https://youtu.be/FWIDFNXmr9g"}], "source": {"advisory": "GHSA-6r2f-p68g-m433", "discovery": "UNKNOWN"}, "title": "Remote Code Execution in SOY CMS", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15189", "STATE": "PUBLIC", "TITLE": "Remote Code Execution in SOY CMS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "soycms", "version": {"version_data": [{"version_value": "< 3.0.2.328"}]}}]}, "vendor_name": "inunosinsi"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "{\"CWE-434\":\"Unrestricted Upload of File with Dangerous Type\"}"}]}]}, "references": {"reference_data": [{"name": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433", "refsource": "CONFIRM", "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"name": "https://github.com/inunosinsi/soycms/issues/9", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"name": "https://github.com/inunosinsi/soycms/pull/14", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"name": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59", "refsource": "MISC", "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"name": "https://youtu.be/FWIDFNXmr9g", "refsource": "MISC", "url": "https://youtu.be/FWIDFNXmr9g"}]}, "source": {"advisory": "GHSA-6r2f-p68g-m433", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:08:22.649Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://youtu.be/FWIDFNXmr9g"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15189", "datePublished": "2020-09-18T17:20:16", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.649Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE978394-A82D-43E0-AE72-36ABB7FBB3F9", "versionEndExcluding": "3.0.2.328", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vulnerability that was used in CVE-2020-15183 can be used to increase impact by redirecting the administrator to access a specially crafted page. This vulnerability is caused by insecure configuration in elFinder. This is fixed in version 3.0.2.328."}, {"lang": "es", "value": "SOY CMS versiones 3.0.2 y anteriores, est\u00e1n afectadas por una Ejecuci\u00f3n de C\u00f3digo Remota (RCE) usando una Carga de Archivos Sin Restricciones. La vulnerabilidad de tipo Cross-Site Scripting (XSS) que fue usada en el CVE-2020-15183 puede ser usada para aumentar el impacto al redireccionar el administrador para que acceda a una p\u00e1gina especialmente dise\u00f1ada. Esta vulnerabilidad es causada por una configuraci\u00f3n no segura en elFinder. Esto es corregido en la versi\u00f3n 3.0.2.328"}], "id": "CVE-2020-15189", "lastModified": "2020-09-29T16:17:05.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2020-09-18T18:15:16.863", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/issues/9"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/pull/14"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/pull/14/commits/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-6r2f-p68g-m433"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://youtu.be/FWIDFNXmr9g"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security-advisories@github.com", "type": "Primary"}]}