FKIE_CVE-2020-25849

Vulnerability from fkie_nvd - Published: 2020-11-01 17:15 - Updated: 2024-11-21 05:18
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token.
References
twcert@cert.org.twhttps://www.twcert.org.tw/tw/cp-132-4118-6292c-1.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.twcert.org.tw/tw/cp-132-4118-6292c-1.htmlThird Party Advisory
Impacted products
Vendor Product Version
openfind mailaudit 4.0
openfind mailaudit 5.0
openfind mailgates 4.0
openfind mailgates 5.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openfind:mailaudit:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B827C907-2003-4373-99B7-AEF43956A097",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openfind:mailaudit:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40E2ED8-613F-4BDA-A433-C9AA89217C9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openfind:mailgates:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76AEEB91-7702-4CB8-B6F7-C69E89DE5BF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openfind:mailgates:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01EBC1D0-8439-4B9B-ACD4-A599BE299ADE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user\u2019s access token."
    },
    {
      "lang": "es",
      "value": "Los productos MailGates y MailAudit, contienen un fallo de inyecci\u00f3n de comandos, que puede ser  usado para inyectar y ejecutar comandos del sistema desde el par\u00e1metro cgi despu\u00e9s de que los atacantes obtienen el token de acceso del usuario"
    }
  ],
  "id": "CVE-2020-25849",
  "lastModified": "2024-11-21T05:18:54.073",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "twcert@cert.org.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-01T17:15:12.200",
  "references": [
    {
      "source": "twcert@cert.org.tw",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.twcert.org.tw/tw/cp-132-4118-6292c-1.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.twcert.org.tw/tw/cp-132-4118-6292c-1.html"
    }
  ],
  "sourceIdentifier": "twcert@cert.org.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "twcert@cert.org.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.