CVE-2020-24139 - Vulnerability Details - OpenCVE

ReportizFlow

Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify open ports, local network hosts and execute command on local services.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wcms	Wcms

Configuration 1 [-]

cpe:2.3:a:wcms:wcms:0.3.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md
https://github.com/vedees/wcms/issues/8

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-04-07T15:03:05

Updated: 2024-08-04T15:05:11.853Z

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-24139

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-04-07T16:15:13.103

Modified: 2024-11-21T05:14:25.350

Link: CVE-2020-24139

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify open ports, local network hosts and execute command on local services."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-13T13:18:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/vedees/wcms/issues/8"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2020-24139", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify open ports, local network hosts and execute command on local services."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/vedees/wcms/issues/8", "refsource": "MISC", "url": "https://github.com/vedees/wcms/issues/8"}, {"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md", "refsource": "MISC", "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:05:11.853Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vedees/wcms/issues/8"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-24139", "datePublished": "2021-04-07T15:03:05", "dateReserved": "2020-08-13T00:00:00", "dateUpdated": "2024-08-04T15:05:11.853Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wcms:wcms:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "95CE7D1E-E919-449E-88D4-F6A0FCADFAF0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify open ports, local network hosts and execute command on local services."}, {"lang": "es", "value": "Una Server-side request forgery en Wcms versi\u00f3n 0.3.2, permite a un atacante enviar peticiones dise\u00f1adas desde el servidor back-end de una aplicaci\u00f3n web vulnerable por medio del par\u00e1metro path en el archivo wex/cssjs.php. Puede ayudar a identificar puertos abiertos, hosts de redes locales y ejecutar comandos en servicios locales"}], "id": "CVE-2020-24139", "lastModified": "2024-11-21T05:14:25.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.7, "source": "[email protected]", "type": "Primary"}]}, "published": "2021-04-07T16:15:13.103", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"}, {"source": "[email protected]", "tags": ["Exploit", "Technical Description"], "url": "https://github.com/vedees/wcms/issues/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description"], "url": "https://github.com/vedees/wcms/issues/8"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "[email protected]", "type": "Primary"}]}