CVE-2020-15152 (GCVE-0-2020-15152)
Vulnerability from cvelistv5 – Published: 2020-08-17 21:55 – Updated: 2024-08-04 13:08
VLAI?
Title
Server-Side Request Forgery in ftp-srv
Summary
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration. This issue is fixed in version2 2.19.6, 3.1.2, and 4.3.4. More information can be found on the linked advisory.
Severity ?
9.1 (Critical)
CWE
- CWE-918 - {"CWE-918":"Server-Side Request Forgery (SSRF)"}
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:08:22.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/autovance/ftp-srv/security/advisories/GHSA-jw37-5gqr-cf9j"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/autovance/ftp-srv/commit/e449e75219d918c400dec65b4b0759f60476abca"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.npmjs.com/package/ftp-srv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ftp-srv",
"vendor": "autovance",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 2.19.6"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.1.2"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.3.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration. This issue is fixed in version2 2.19.6, 3.1.2, and 4.3.4. More information can be found on the linked advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "{\"CWE-918\":\"Server-Side Request Forgery (SSRF)\"}",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-12T20:22:54",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/autovance/ftp-srv/security/advisories/GHSA-jw37-5gqr-cf9j"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/autovance/ftp-srv/commit/e449e75219d918c400dec65b4b0759f60476abca"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.npmjs.com/package/ftp-srv"
}
],
"source": {
"advisory": "GHSA-jw37-5gqr-cf9j",
"discovery": "UNKNOWN"
},
"title": "Server-Side Request Forgery in ftp-srv",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-15152",
"STATE": "PUBLIC",
"TITLE": "Server-Side Request Forgery in ftp-srv"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ftp-srv",
"version": {
"version_data": [
{
"version_value": "\u003e= 1.0.0, \u003c 2.19.6"
},
{
"version_value": "\u003e= 3.0.0, \u003c 3.1.2"
},
{
"version_value": "\u003e= 4.0.0, \u003c 4.3.4"
}
]
}
}
]
},
"vendor_name": "autovance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration. This issue is fixed in version2 2.19.6, 3.1.2, and 4.3.4. More information can be found on the linked advisory."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "{\"CWE-918\":\"Server-Side Request Forgery (SSRF)\"}"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/autovance/ftp-srv/security/advisories/GHSA-jw37-5gqr-cf9j",
"refsource": "CONFIRM",
"url": "https://github.com/autovance/ftp-srv/security/advisories/GHSA-jw37-5gqr-cf9j"
},
{
"name": "https://github.com/autovance/ftp-srv/commit/e449e75219d918c400dec65b4b0759f60476abca",
"refsource": "MISC",
"url": "https://github.com/autovance/ftp-srv/commit/e449e75219d918c400dec65b4b0759f60476abca"
},
{
"name": "https://www.npmjs.com/package/ftp-srv",
"refsource": "MISC",
"url": "https://www.npmjs.com/package/ftp-srv"
}
]
},
"source": {
"advisory": "GHSA-jw37-5gqr-cf9j",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-15152",
"datePublished": "2020-08-17T21:55:13",
"dateReserved": "2020-06-25T00:00:00",
"dateUpdated": "2024-08-04T13:08:22.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-15152\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-08-17T22:15:12.627\",\"lastModified\":\"2024-11-21T05:04:57.260\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration. This issue is fixed in version2 2.19.6, 3.1.2, and 4.3.4. More information can be found on the linked advisory.\"},{\"lang\":\"es\",\"value\":\"ftp-srv es un paquete npm que es un moderno y extensible servidor FTP dise\u00f1ado para ser simple pero configurable. En ftp-srv antes de las versiones 2.19.6, 3.1.2, y 4.3.4 son vulnerables a la falsificaci\u00f3n de solicitudes del lado del servidor. El comando PORT permite IPs arbitrarias que pueden ser usadas para hacer que el servidor haga una conexi\u00f3n en otro lugar. Una posible soluci\u00f3n es bloquear el PUERTO a trav\u00e9s de la configuraci\u00f3n. Este problema est\u00e1 solucionado en las versiones 2.19.6, 3.1.2 y 4.3.4. Puede encontrar m\u00e1s informaci\u00f3n en el aviso vinculado\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ftp-srv_project:ftp-srv:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"2.19.6\",\"matchCriteriaId\":\"F5D90734-6B6E-4C5F-B0D5-9B4C4FAA8648\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ftp-srv_project:ftp-srv:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.1.2\",\"matchCriteriaId\":\"4A020A63-F973-4E4C-9CF2-2B8F79234570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ftp-srv_project:ftp-srv:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.3.4\",\"matchCriteriaId\":\"B1A73879-F682-4506-91E9-E0957E37C4EE\"}]}]}],\"references\":[{\"url\":\"https://github.com/autovance/ftp-srv/commit/e449e75219d918c400dec65b4b0759f60476abca\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/autovance/ftp-srv/security/advisories/GHSA-jw37-5gqr-cf9j\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/ftp-srv\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/autovance/ftp-srv/commit/e449e75219d918c400dec65b4b0759f60476abca\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/autovance/ftp-srv/security/advisories/GHSA-jw37-5gqr-cf9j\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/ftp-srv\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…