FKIE_CVE-2020-24815

Vulnerability from fkie_nvd - Published: 2020-11-24 17:15 - Updated: 2024-11-21 05:16
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020.
References
cve@mitre.orghttp://microstrategy.comVendor Advisory
cve@mitre.orghttps://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_USVendor Advisory
cve@mitre.orghttps://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file/Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://microstrategy.comVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_USVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file/Exploit, Third Party Advisory
Impacted products
Vendor Product Version
microstrategy microstrategy 10.4
microstrategy microstrategy 2019
microstrategy microstrategy 2019
microstrategy microstrategy 2019
microstrategy microstrategy 2019
microstrategy microstrategy 2019
microstrategy microstrategy 2020
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "89A36A18-107F-4BE8-AAD9-EDECB714188D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:2019:update1:*:*:*:*:*:*",
              "matchCriteriaId": "CDC2C780-0996-4D8A-A4B1-461B442A7089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:2019:update2:*:*:*:*:*:*",
              "matchCriteriaId": "89F1B5AF-677F-4B90-AD13-F8CE8588ED0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:2019:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4DE22024-C6A9-4547-8712-7C5B8F1ED5A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:2019:update4:*:*:*:*:*:*",
              "matchCriteriaId": "E74CDB4D-5034-48A8-9AD9-1DD5D363D180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:2019:update5:*:*:*:*:*:*",
              "matchCriteriaId": "4FA72CA6-485D-4564-A265-70D90032FBFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microstrategy:microstrategy:2020:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F59AFCFE-AC0E-4B6E-8576-2C1553F8CA76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) afectando la generaci\u00f3n de PDF en MicroStrategy versiones 10.4, 2019 anterior al Update 6 y 2020 anterior al Update 2, permite a usuarios autenticados acceder al contenido de los recursos de la red interna o filtrar archivos de sistema local por medio de contenedores HTML integrados en un documento dossier/dashboard.\u0026#xa0;NOTA: versi\u00f3n 10.4., ninguna soluci\u00f3n ser\u00e1 publicada ya que la versi\u00f3n llegar\u00e1 al final de su vida \u00fatil el 31/12/2020"
    }
  ],
  "id": "CVE-2020-24815",
  "lastModified": "2024-11-21T05:16:05.323",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-24T17:15:10.957",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://microstrategy.com"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_US"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://microstrategy.com"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.