{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rapid7:metasploit:*:*:*:*:pro:*:*:*", "matchCriteriaId": "B4607DF8-1406-428E-AF03-04D3EFE8586D", "versionEndExcluding": "4.17.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:-:*:*:pro:*:*:*", "matchCriteriaId": "8E047784-19E4-4178-89BD-8F0E6C30DA94", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170221:*:*:pro:*:*:*", "matchCriteriaId": "E4C55046-26E4-4BE3-9CFA-42DC05F782BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170323:*:*:pro:*:*:*", "matchCriteriaId": "2D34B5C5-499B-4F42-86E8-22D978DF8806", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170405:*:*:pro:*:*:*", "matchCriteriaId": "3CBE5966-C31E-4C9F-B2FE-7CDEBD1BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170419:*:*:pro:*:*:*", "matchCriteriaId": "548C348D-339C-44F7-B755-9F7A13B522E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170510:*:*:pro:*:*:*", "matchCriteriaId": "CD803A97-AF04-492F-BC1C-A2246BA3DFDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170518:*:*:pro:*:*:*", "matchCriteriaId": "1D7613E2-195A-4B82-9E44-8DA13E3D8CDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170530:*:*:pro:*:*:*", "matchCriteriaId": "F7CA753B-D800-4897-850B-0E16A6AB5D99", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170613:*:*:pro:*:*:*", "matchCriteriaId": "ACEF56C3-AD1B-49C1-BE2A-EBB31B24D024", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170627:*:*:pro:*:*:*", "matchCriteriaId": "F0801B0E-C4F4-4B92-BFE8-030F6177449A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170718:*:*:pro:*:*:*", "matchCriteriaId": "57CD1F31-5102-4D6C-8380-394A2D3E04E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170731:*:*:pro:*:*:*", 
"matchCriteriaId": "C3C90EF9-9370-4240-83FC-BEF54ECFBB04", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170816:*:*:pro:*:*:*", "matchCriteriaId": "3777FB35-0AE3-4EB5-988C-08CE20E8AB60", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170828:*:*:pro:*:*:*", "matchCriteriaId": "645837BA-4122-4B3A-A638-F92894CB0F5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170914:*:*:pro:*:*:*", "matchCriteriaId": "80CE6808-487E-4B67-B617-2FC69201C676", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20170926:*:*:pro:*:*:*", "matchCriteriaId": "13EF0494-CE9E-4B63-9D2E-2AFB3512BAC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20171009:*:*:pro:*:*:*", "matchCriteriaId": "41AC3FDB-AEB9-4B6F-81EB-A4EE7FCD2957", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20171030:*:*:pro:*:*:*", "matchCriteriaId": "22BF97B2-EF2A-4DD9-81E9-2806731F5A3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20171115:*:*:pro:*:*:*", "matchCriteriaId": "5233FFC8-D110-414F-AA4E-F5AF7C74F585", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20171129:*:*:pro:*:*:*", "matchCriteriaId": "D63C9642-EEEA-4B2C-9C6E-9ABBFD9DCBCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20171206:*:*:pro:*:*:*", "matchCriteriaId": "63FFB33E-717C-4C6F-8D66-9C9F1C940D87", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20171220:*:*:pro:*:*:*", "matchCriteriaId": "6768BA01-C0FB-49E2-8A61-28929C2B1B1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180108:*:*:pro:*:*:*", "matchCriteriaId": "1866B819-707E-432D-92EA-3AA1F347DAED", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180124:*:*:pro:*:*:*", "matchCriteriaId": "BDDCD2E4-6853-41CE-A07A-2F028E72DFF4", "vulnerable": true}, {"criteria": 
"cpe:2.3:a:rapid7:metasploit:4.17.1:20180206:*:*:pro:*:*:*", "matchCriteriaId": "B3D2C4BF-B825-4890-B2DB-D20FD6756B35", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180301:*:*:pro:*:*:*", "matchCriteriaId": "76DB58D7-1B47-4817-9D06-E5656B1331F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180312:*:*:pro:*:*:*", "matchCriteriaId": "8FF30D6E-0765-4271-A040-235E3B33503E", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180327:*:*:pro:*:*:*", "matchCriteriaId": "85DD6D65-CE57-4A3A-9193-CD82CCD4BDBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180410:*:*:pro:*:*:*", "matchCriteriaId": "9F1B811A-7790-4407-B910-0C70927F7D2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180501:*:*:pro:*:*:*", "matchCriteriaId": "EE7DFBE8-5ABE-4C67-A85D-8D37E206E51C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180511:*:*:pro:*:*:*", "matchCriteriaId": "E3D1BBDD-D3FD-4F3D-9279-46EDF96FE317", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180526:*:*:pro:*:*:*", "matchCriteriaId": "488C3810-3393-4817-87DB-0E2CD2CA3969", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180618:*:*:pro:*:*:*", "matchCriteriaId": "9E00DD73-1F9B-4944-907E-F1773316B63B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180704:*:*:pro:*:*:*", "matchCriteriaId": "57966911-0CFC-4355-9B08-2F2688302F96", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180716:*:*:pro:*:*:*", "matchCriteriaId": "8439D629-F7F0-4ADA-9BC6-2E3E34220CDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180727:*:*:pro:*:*:*", "matchCriteriaId": "A26FBA32-4114-42EB-9427-254AB3B9F06B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180813:*:*:pro:*:*:*", "matchCriteriaId": "4A6AE478-FC91-4A4A-9CB0-7BD29ED42E77", "vulnerable": true}, 
{"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180827:*:*:pro:*:*:*", "matchCriteriaId": "A21F2F21-3970-4F75-B72B-D939F35448BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180907:*:*:pro:*:*:*", "matchCriteriaId": "A0FD1D96-50EA-47E8-997B-CE6B1E58BADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20180924:*:*:pro:*:*:*", "matchCriteriaId": "31FC17EF-B89B-48A2-9196-5E2DA5A2D118", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20181009:*:*:pro:*:*:*", "matchCriteriaId": "1BB88831-3170-453D-B416-E1F962F8AD6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20181022:*:*:pro:*:*:*", "matchCriteriaId": "1BBF5DA5-B318-436B-8071-A617B99E0637", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20181105:*:*:pro:*:*:*", "matchCriteriaId": "BBD348EF-91F5-4C02-BD98-ABA902131183", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20181130:*:*:pro:*:*:*", "matchCriteriaId": "8FE78790-13DE-43F6-80C2-3F85FF6E16E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20181215:*:*:pro:*:*:*", "matchCriteriaId": "BFA0AEAD-9A25-4659-802F-BB56C68847BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190108:*:*:pro:*:*:*", "matchCriteriaId": "1009C89A-D461-4BFF-A91B-24B7D0E17297", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190118:*:*:pro:*:*:*", "matchCriteriaId": "CA03DBAA-EE97-4D73-9454-13FA73F021E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190201:*:*:pro:*:*:*", "matchCriteriaId": "24DF8346-A21D-44C7-A491-A58099B4D88B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190219:*:*:pro:*:*:*", "matchCriteriaId": "8B38D653-F840-49FA-B4FA-7C23A101E77B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190303:*:*:pro:*:*:*", "matchCriteriaId": "67D0992D-FF74-4F93-A00B-BB4EC0F8A51E", "vulnerable": 
true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190319:*:*:pro:*:*:*", "matchCriteriaId": "3909F140-EB22-4D05-8576-4C7445A183DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190331:*:*:pro:*:*:*", "matchCriteriaId": "2610F4B9-0739-4AE8-B4C2-E8578F0466E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190416:*:*:pro:*:*:*", "matchCriteriaId": "2EA3D971-ECBC-4810-AE61-3167BD3D7F81", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190426:*:*:pro:*:*:*", "matchCriteriaId": "E2FBED6C-4BDA-4AE2-999F-5D3063B90D18", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190513:*:*:pro:*:*:*", "matchCriteriaId": "51571BCC-8621-4D0F-AE45-DAFF5AD9099A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190603:*:*:pro:*:*:*", "matchCriteriaId": "35266B59-E489-4BF8-ABA5-1B07B3A3B9D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190607:*:*:pro:*:*:*", "matchCriteriaId": "737684B7-E4EC-46E6-981E-97CDFDEE6AB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190626:*:*:pro:*:*:*", "matchCriteriaId": "C46B768B-11A8-473E-8532-AF7230F5390C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190722:*:*:pro:*:*:*", "matchCriteriaId": "8DA7A63D-9416-4572-81A1-52D8247EAF15", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190805:*:*:pro:*:*:*", "matchCriteriaId": "26989ACB-F823-47AF-825C-ACEFC77A5ABF", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190819:*:*:pro:*:*:*", "matchCriteriaId": "E99A1FF5-59C8-4471-A5F4-F6B39CCD5EB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190910:*:*:pro:*:*:*", "matchCriteriaId": "89361CC7-C9C3-4DD6-A812-ACEA2FD9D3CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20190930:*:*:pro:*:*:*", "matchCriteriaId": "F87117F9-9B8D-4267-9CA1-98FEFA00DE0F", 
"vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20191014:*:*:pro:*:*:*", "matchCriteriaId": "4510FB72-A61D-4998-9C7B-B368ACADC2F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20191030:*:*:pro:*:*:*", "matchCriteriaId": "751D173E-BD8C-40DC-A033-52894F665A00", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20191108:*:*:pro:*:*:*", "matchCriteriaId": "F28F93F4-EF56-4C56-A34F-3582992039F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20191209:*:*:pro:*:*:*", "matchCriteriaId": "536EAD48-FCF6-46A0-B8C6-58CB07E6F689", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200113:*:*:pro:*:*:*", "matchCriteriaId": "6972D3C6-BBA2-4420-BF7C-F5B0B155E70E", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200122:*:*:pro:*:*:*", "matchCriteriaId": "7031F096-9223-481D-A024-6EFB55C6333D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200131:*:*:pro:*:*:*", "matchCriteriaId": "7BF37270-5ABF-4BF0-AC39-78E36E7DFBC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200218:*:*:pro:*:*:*", "matchCriteriaId": "B4FC8A3F-0F5D-4E34-8E69-7CA66F3ECC10", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200302:*:*:pro:*:*:*", "matchCriteriaId": "E69CD84D-9AD9-42EE-8117-CEE86D04B6C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200318:*:*:pro:*:*:*", "matchCriteriaId": "E6DBB703-B54E-4E16-964A-77356540891C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200330:*:*:pro:*:*:*", "matchCriteriaId": "BD215E6E-94E9-45CC-9E03-7458FDABFA8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rapid7:metasploit:4.17.1:20200413:*:*:pro:*:*:*", "matchCriteriaId": "2333BC4C-CB58-4BA1-ACD2-CDC308DB7B1E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site Scripting (XSS) vulnerability in the 
'notes' field of a discovered scan asset in Rapid7 Metasploit Pro allows an attacker with a specially-crafted network service of a scan target to store an XSS sequence in the Metasploit Pro console, which will trigger when the operator views the record of that scanned host in the Metasploit Pro interface. This issue affects Rapid7 Metasploit Pro version 4.17.1-20200427 and prior versions, and is fixed in Metasploit Pro version 4.17.1-20200514. See also CVE-2020-7354, which describes a similar issue, but involving the generated 'host' field of a discovered scan asset."}, {"lang": "es", "value": "Una vulnerabilidad de tipo Cross-site Scripting (XSS) en el campo \"notes\" de un activo de escaneo detectado en Rapid7 Metasploit Pro, permite a un atacante con un servicio de red especialmente dise\u00f1ado de un objetivo de escaneo almacenar una secuencia de tipo XSS en la consola de Metasploit Pro, que se activar\u00e1 cuando el operador visualiza el registro de ese host escaneado en la interfaz de Metasploit Pro. Este problema afecta a Rapid7 Metasploit Pro versi\u00f3n 4.17.1-20200427 y versiones anteriores, y es corregido en Metasploit Pro versi\u00f3n 4.17.1-20200514. 
Consulte tambi\u00e9n CVE-2020-7354, que describe un problema similar, pero involucrando el campo \"host\" generado de un activo de escaneo detectado"}], "id": "CVE-2020-7355", "lastModified": "2024-11-21T05:37:06.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "cve@rapid7.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-25T18:15:12.410", "references": [{"source": "cve@rapid7.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://avalz.it/research/metasploit-pro-xss-to-rce/"}, {"source": "cve@rapid7.com", "tags": ["Release Notes", "Vendor Advisory"], 
"url": "https://help.rapid7.com/metasploit/release-notes/archive/2020/05/#20200514"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://avalz.it/research/metasploit-pro-xss-to-rce/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://help.rapid7.com/metasploit/release-notes/archive/2020/05/#20200514"}], "sourceIdentifier": "cve@rapid7.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "cve@rapid7.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}