CVE-2020-16230 - OpenCVE

All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hms-networks	Ewon Cosy Ewon Cosy Firmware Ewon Flexy Ewon Flexy Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hms-networks:ewon_flexy_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hms-networks:ewon_flexy:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hms-networks:ewon_cosy_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hms-networks:ewon_cosy:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2020-09-18T18:04:16

Updated: 2024-08-04T13:37:54.179Z

Reserved: 2020-07-31T00:00:00

Link: CVE-2020-16230

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-09-18T19:15:16.153

Modified: 2021-11-22T16:25:59.493

Link: CVE-2020-16230

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "HMS Networks Ewon Flexy and Cosy", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions prior to 14.1"}]}], "descriptions": [{"lang": "en", "value": "All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing."}], "problemTypes": [{"descriptions": [{"description": "PERMISSIVE CROSS-DOMAIN POLICY WITH UNTRUSTED DOMAINS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-03-18T21:24:54", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2020-16230", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HMS Networks Ewon Flexy and Cosy", "version": {"version_data": [{"version_value": "All versions prior to 14.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "PERMISSIVE CROSS-DOMAIN POLICY WITH UNTRUSTED DOMAINS"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:37:54.179Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2020-16230", "datePublished": "2020-09-18T18:04:16", "dateReserved": "2020-07-31T00:00:00", "dateUpdated": "2024-08-04T13:37:54.179Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hms-networks:ewon_flexy_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47CD785A-1417-4FA8-9721-1952B025F829", "versionEndExcluding": "14.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hms-networks:ewon_flexy:-:*:*:*:*:*:*:*", "matchCriteriaId": "58057056-ED41-4C3F-9ABC-DB595741C9A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hms-networks:ewon_cosy_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FF114F7-854C-47B2-848F-927A3E647436", "versionEndExcluding": "14.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hms-networks:ewon_cosy:-:*:*:*:*:*:*:*", "matchCriteriaId": "999DB8E0-FE32-4561-A8E8-E95B8574419B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing."}, {"lang": "es", "value": "Todas las versiones de Ewon Flexy Cozy versiones anteriores a la 14.1, usan comodines tales como (*) bajo los cuales los dominios pueden solicitar recursos. Un atacante con acceso local y privilegios elevados podr\u00eda inyectar scripts en la configuraci\u00f3n Cross-origin Resource Sharing (CORS) que podr\u00edan abusar de esta vulnerabilidad, permitiendo al atacante recuperar informaci\u00f3n confidencial limitada por medio del rastreo"}], "id": "CVE-2020-16230", "lastModified": "2021-11-22T16:25:59.493", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-18T19:15:16.153", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}