CVE-2020-9280 - OpenCVE

In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Silverstripe	Silverstripe

Configuration 1 [-]

cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://forum.silverstripe.org/c/releases
https://www.silverstripe.org/download/security-releases/
https://www.silverstripe.org/download/security-releases/cve-2020-9280

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-04-15T20:18:14

Updated: 2024-08-04T10:26:15.922Z

Reserved: 2020-02-19T00:00:00

Link: CVE-2020-9280

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-04-15T21:15:36.967

Modified: 2020-04-29T18:15:43.957

Link: CVE-2020-9280

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default \"/Uploads\" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-15T20:18:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.silverstripe.org/download/security-releases/"}, {"tags": ["x_refsource_MISC"], "url": "https://forum.silverstripe.org/c/releases"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.silverstripe.org/download/security-releases/cve-2020-9280"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-9280", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default \"/Uploads\" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.silverstripe.org/download/security-releases/", "refsource": "CONFIRM", "url": "https://www.silverstripe.org/download/security-releases/"}, {"name": "https://forum.silverstripe.org/c/releases", "refsource": "MISC", "url": "https://forum.silverstripe.org/c/releases"}, {"name": "https://www.silverstripe.org/download/security-releases/cve-2020-9280", "refsource": "CONFIRM", "url": "https://www.silverstripe.org/download/security-releases/cve-2020-9280"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:26:15.922Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.silverstripe.org/download/security-releases/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://forum.silverstripe.org/c/releases"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.silverstripe.org/download/security-releases/cve-2020-9280"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-9280", "datePublished": "2020-04-15T20:18:14", "dateReserved": "2020-02-19T00:00:00", "dateUpdated": "2024-08-04T10:26:15.922Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFEAE2BD-0B5A-4804-AADD-62F4DEDE58A4", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default \"/Uploads\" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x."}, {"lang": "es", "value": "En SilverStripe versiones hasta 4.5, los archivos cargados por medio de Formularios hacia carpetas migradas desde Silverstripe CMS versiones 3.x, pueden ser colocados en la carpeta predeterminada \"/Uploads\". Esto afecta a las instalaciones que permitieron la protecci\u00f3n de la carpeta de carga por medio del m\u00f3dulo opcional silverstripe/secureassets bajo las versiones 3.x. Este m\u00f3dulo est\u00e1 instalado y habilitado por defecto en la Common Web Platform (CWP). La vulnerabilidad solo afecta a los archivos cargados despu\u00e9s de una actualizaci\u00f3n en las versiones 4.x."}], "id": "CVE-2020-9280", "lastModified": "2020-04-29T18:15:43.957", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-15T21:15:36.967", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://forum.silverstripe.org/c/releases"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.silverstripe.org/download/security-releases/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.silverstripe.org/download/security-releases/cve-2020-9280"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}