FKIE_CVE-2020-16104

Vulnerability from fkie_nvd - Published: 2020-12-14 20:15 - Updated: 2024-11-21 05:06
Severity
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects: Gallagher Command Centre 8.30 versions prior to 8.30.1236(MR1); 8.20 versions prior to 8.20.1166(MR3); 8.10 versions prior to 8.10.1211(MR5); 8.00 versions prior to 8.00.1228(MR6); version 7.90 and prior versions.
References
disclosures@gallagher.comhttps://security.gallagher.com/Security-Advisories/CVE-2020-16104Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gallagher.com/Security-Advisories/CVE-2020-16104Vendor Advisory
Impacted products
Vendor Product Version
gallagher command_centre *
gallagher command_centre *
gallagher command_centre *
gallagher command_centre *
gallagher command_centre *
gallagher command_centre 8.00.1228
gallagher command_centre 8.00.1228
gallagher command_centre 8.10.1211
gallagher command_centre 8.10.1211
gallagher command_centre 8.20.1166
gallagher command_centre 8.20.1166
gallagher command_centre 8.30.1236
gallagher command_centre 8.30.1236
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC327DD-614D-4F03-B77A-941EFE1269F3",
              "versionEndExcluding": "7.90.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF24E0D-FEF8-4814-A689-50869362C70A",
              "versionEndExcluding": "8.00.1228",
              "versionStartIncluding": "8.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55BB8603-0AAE-49A3-B127-374F24C498DE",
              "versionEndExcluding": "8.10.1211",
              "versionStartIncluding": "8.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7DBECA-3C79-4346-AB66-B7538B230FE7",
              "versionEndExcluding": "8.20.1166",
              "versionStartIncluding": "8.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0DEE3F1-6EE3-4D31-BDF2-648F45C0EC20",
              "versionEndExcluding": "8.30.1236",
              "versionStartIncluding": "8.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.00.1228:-:*:*:*:*:*:*",
              "matchCriteriaId": "B5A79B43-E943-44E2-B13A-64F955518C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.00.1228:maintenance_release6:*:*:*:*:*:*",
              "matchCriteriaId": "8032E6B3-B5D4-4009-936B-35CA03CF0256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.10.1211:-:*:*:*:*:*:*",
              "matchCriteriaId": "E672F2DB-6C4D-4549-977C-F4EDBCC461E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.10.1211:maintenance_release5:*:*:*:*:*:*",
              "matchCriteriaId": "4AE5C9DA-0A88-4A55-9395-7C2D357D9FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.20.1166:-:*:*:*:*:*:*",
              "matchCriteriaId": "3DACA47B-78DA-4ED5-A15B-04556FA11865",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.20.1166:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "38E86AF8-3460-4007-B5A2-0E4EA3F42974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.30.1236:-:*:*:*:*:*:*",
              "matchCriteriaId": "34322F73-2AEF-4920-96DD-B138125A0660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gallagher:command_centre:8.30.1236:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "784CE63C-BE80-4111-9A56-6CD03CAE6E0D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with \u0027Edit Enterprise Data Interfaces\u0027 privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects: Gallagher Command Centre 8.30 versions prior to 8.30.1236(MR1); 8.20 versions prior to 8.20.1166(MR3); 8.10 versions prior to 8.10.1211(MR5); 8.00 versions prior to 8.00.1228(MR6); version 7.90 and prior versions."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n SQL en Enterprise Data Interface de Gallagher Command Centre, permite a un atacante remoto con privilegio de \"Edit Enterprise Data Interfaces\" ejecutar un SQL arbitrario contra una base de datos de terceros si EDI est\u00e1 configurado para importar datos de esta base de datos.\u0026#xa0;Este problema afecta a: Gallagher Command Center versiones 8.30 anteriores a 8.30.1236(MR1);\u0026#xa0;versiones 8.20 anteriores a 8.20.1166(MR3);\u0026#xa0;versiones 8.10 anteriores a 8.10.1211 (MR5);\u0026#xa0;versiones 8.00 anteriores a 8.00.1228(MR6);\u0026#xa0;versi\u00f3n 7.90 y versiones anteriores."
    }
  ],
  "id": "CVE-2020-16104",
  "lastModified": "2024-11-21T05:06:47.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 5.3,
        "source": "disclosures@gallagher.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-14T20:15:12.247",
  "references": [
    {
      "source": "disclosures@gallagher.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.gallagher.com/Security-Advisories/CVE-2020-16104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.gallagher.com/Security-Advisories/CVE-2020-16104"
    }
  ],
  "sourceIdentifier": "disclosures@gallagher.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "disclosures@gallagher.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.