CVE-2018-1000666

{"id": "CVE-2018-1000666", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-09-06T17:29:01.720", "references": [{"url": "https://github.com/0-complexity/openvcloud/issues/1207", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://github.com/jumpscale7/jumpscale_portal/blob/c997bb1824862b08246d60e34e950df06ebac68c/apps/portalbase/system/system__contentmanager/methodclass/system_contentmanager.py#L293-L315", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://github.com/jumpscale7/jumpscale_portal/pull/108", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "https://medium.com/%40vrico315/vulnerability-in-jumpscale-portal-7-a88098a1caca", "source": "[email protected]"}, {"url": "https://telegra.ph/Description-of-vulnerability-in-JumpScale-Portal-7-08-23", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://github.com/0-complexity/openvcloud/issues/1207", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/jumpscale7/jumpscale_portal/blob/c997bb1824862b08246d60e34e950df06ebac68c/apps/portalbase/system/system__contentmanager/methodclass/system_contentmanager.py#L293-L315", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/jumpscale7/jumpscale_portal/pull/108", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://medium.com/%40vrico315/vulnerability-in-jumpscale-portal-7-a88098a1caca", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://telegra.ph/Description-of-vulnerability-in-JumpScale-Portal-7-08-23", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in method: notifySpaceModification; that can result in Improper validation of parameters results in command execution. This attack appear to be exploitable via Network connectivity, required minimal auth privileges (everyone can register an account). This vulnerability appears to have been fixed in After commit 15443122ed2b1cbfd7bdefc048bf106f075becdb."}, {"lang": "es", "value": "GIG Technology NV JumpScale Portal 7, en versiones anteriores al commit con ID 15443122ed2b1cbfd7bdefc048bf106f075becdb, contiene un CWE-78: neutralizaci\u00f3n incorrecta de elementos especiales empleado en una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo (\"OS Command Injection\") en el m\u00e9todo notifySpaceModification que puede resultar en la validaci\u00f3n incorrecta de par\u00e1metros que resultan en la ejecuci\u00f3n de comandos. Parece ser explotable mediante conectividad de red, requiriendo privilegios auth m\u00ednimos (cualquiera puede registrar una cuenta). La vulnerabilidad parece haber sido solucionada tras el commit con ID 15443122ed2b1cbfd7bdefc048bf106f075becdb."}], "lastModified": "2024-11-21T03:40:21.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openvcloud_project:openvcloud:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "214B4FAB-B6D6-442E-BCB3-5B940714087E", "versionEndExcluding": "2.3.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gig:jumpscale:7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94F10703-B2A2-4A0C-A567-DD3427EDFFD5"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}