Vulnerability-Lookup

CNVD-2020-62801

Vulnerability from cnvd - Published: 2020-11-12

Title

fs.com S3900-24T4S跨站请求伪造漏洞

Description

fs.com S3900-24T4S是中国飞速创新（fs）公司的一款千兆可堆叠式交换机。FS S3900-24T4S交换机配备24个10/100/1000Base-T端口，4个10G SFP+上行链路口，支持高达6台交换机堆叠，操作简便，具备高度安全的业务处理能力、灵活的网络部署、无边界的网络体验和完备的QoS控制策略。 fs.com S3900 24T4S 1.7.0版本及之前版本存在安全漏洞，攻击者可利用该漏洞代表站点管理员伪造更改所有设置(包括删除用户、创建具有升级特权的新用户)的身份验证或令牌身份验证机制。

Severity

低

Patch Name

fs.com S3900-24T4S跨站请求伪造漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/M0NsTeRRR/CVE-2020-24033

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-24033

Impacted products

Name
FS fs.com S3900-24T4S <=1.7.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-24033",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-24033"
    }
  },
  "description": "fs.com S3900-24T4S\u662f\u4e2d\u56fd\u98de\u901f\u521b\u65b0\uff08fs\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5343\u5146\u53ef\u5806\u53e0\u5f0f\u4ea4\u6362\u673a\u3002FS S3900-24T4S\u4ea4\u6362\u673a\u914d\u590724\u4e2a10/100/1000Base-T\u7aef\u53e3\uff0c4\u4e2a10G SFP+\u4e0a\u884c\u94fe\u8def\u53e3\uff0c\u652f\u6301\u9ad8\u8fbe6\u53f0\u4ea4\u6362\u673a\u5806\u53e0\uff0c\u64cd\u4f5c\u7b80\u4fbf\uff0c\u5177\u5907\u9ad8\u5ea6\u5b89\u5168\u7684\u4e1a\u52a1\u5904\u7406\u80fd\u529b\u3001\u7075\u6d3b\u7684\u7f51\u7edc\u90e8\u7f72\u3001\u65e0\u8fb9\u754c\u7684\u7f51\u7edc\u4f53\u9a8c\u548c\u5b8c\u5907\u7684QoS\u63a7\u5236\u7b56\u7565\u3002\n\nfs.com S3900 24T4S 1.7.0\u7248\u672c\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee3\u8868\u7ad9\u70b9\u7ba1\u7406\u5458\u4f2a\u9020\u66f4\u6539\u6240\u6709\u8bbe\u7f6e(\u5305\u62ec\u5220\u9664\u7528\u6237\u3001\u521b\u5efa\u5177\u6709\u5347\u7ea7\u7279\u6743\u7684\u65b0\u7528\u6237)\u7684\u8eab\u4efd\u9a8c\u8bc1\u6216\u4ee4\u724c\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/M0NsTeRRR/CVE-2020-24033",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-62801",
  "openTime": "2020-11-12",
  "patchDescription": "fs.com S3900-24T4S\u662f\u4e2d\u56fd\u98de\u901f\u521b\u65b0\uff08fs\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5343\u5146\u53ef\u5806\u53e0\u5f0f\u4ea4\u6362\u673a\u3002FS S3900-24T4S\u4ea4\u6362\u673a\u914d\u590724\u4e2a10/100/1000Base-T\u7aef\u53e3\uff0c4\u4e2a10G SFP+\u4e0a\u884c\u94fe\u8def\u53e3\uff0c\u652f\u6301\u9ad8\u8fbe6\u53f0\u4ea4\u6362\u673a\u5806\u53e0\uff0c\u64cd\u4f5c\u7b80\u4fbf\uff0c\u5177\u5907\u9ad8\u5ea6\u5b89\u5168\u7684\u4e1a\u52a1\u5904\u7406\u80fd\u529b\u3001\u7075\u6d3b\u7684\u7f51\u7edc\u90e8\u7f72\u3001\u65e0\u8fb9\u754c\u7684\u7f51\u7edc\u4f53\u9a8c\u548c\u5b8c\u5907\u7684QoS\u63a7\u5236\u7b56\u7565\u3002\r\n\r\nfs.com S3900 24T4S 1.7.0\u7248\u672c\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee3\u8868\u7ad9\u70b9\u7ba1\u7406\u5458\u4f2a\u9020\u66f4\u6539\u6240\u6709\u8bbe\u7f6e(\u5305\u62ec\u5220\u9664\u7528\u6237\u3001\u521b\u5efa\u5177\u6709\u5347\u7ea7\u7279\u6743\u7684\u65b0\u7528\u6237)\u7684\u8eab\u4efd\u9a8c\u8bc1\u6216\u4ee4\u724c\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "fs.com S3900-24T4S\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "FS fs.com S3900-24T4S \u003c=1.7.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-24033",
  "serverity": "\u4f4e",
  "submitTime": "2020-11-04",
  "title": "fs.com S3900-24T4S\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

CVE-2020-24033 (GCVE-0-2020-24033)

Vulnerability from cvelistv5 – Published: 2020-10-22 13:53 – Updated: 2024-08-04 15:05

Summary

An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with escalated privileges.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/M0NsTeRRR/S3900-24T4S-CSRF-vul…	x_refsource_MISC
	https://github.com/M0NsTeRRR/CVE-2020-24033	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:05:11.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/M0NsTeRRR/S3900-24T4S-CSRF-vulnerability"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/M0NsTeRRR/CVE-2020-24033"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with escalated privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-22T13:53:41.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/M0NsTeRRR/S3900-24T4S-CSRF-vulnerability"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/M0NsTeRRR/CVE-2020-24033"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-24033",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with escalated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/M0NsTeRRR/S3900-24T4S-CSRF-vulnerability",
              "refsource": "MISC",
              "url": "https://github.com/M0NsTeRRR/S3900-24T4S-CSRF-vulnerability"
            },
            {
              "name": "https://github.com/M0NsTeRRR/CVE-2020-24033",
              "refsource": "MISC",
              "url": "https://github.com/M0NsTeRRR/CVE-2020-24033"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24033",
    "datePublished": "2020-10-22T13:53:41.000Z",
    "dateReserved": "2020-08-13T00:00:00.000Z",
    "dateUpdated": "2024-08-04T15:05:11.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-62801

CVE-2020-24033 (GCVE-0-2020-24033)

Tags

Sightings

Nomenclature