An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI.
Published 2018-01-21 22:29:00
Updated 2019-03-06 17:27:46
Source MITRE
Vulnerability category: Input validation

Exploit prediction scoring system (EPSS) score for CVE-2018-5955

  • EPSS score: 96.36% (probability of exploitation activity in the next 30 days)
  • Percentile: ~99% (the proportion of vulnerabilities scored at or below this score)

Metasploit modules for CVE-2018-5955

  • GitStack Unauthenticated REST API Requests
    Disclosure Date: 2018-01-15
    First seen: 2020-04-26
    auxiliary/admin/http/gitstack_rest
    This module exploits unauthenticated REST API requests in GitStack through v2.3.10. The module supports requests for listing users of the application and listing available repositories. Additionally, the module can create a user and add the user to the appli
  • GitStack Unsanitized Argument RCE
    Disclosure Date: 2018-01-15
    First seen: 2020-04-26
    exploit/windows/http/gitstack_rce
    This module exploits a remote code execution vulnerability that exists in GitStack through v2.3.10, caused by an unsanitized argument being passed to an exec function call. This module has been tested on GitStack v2.3.10. Authors: - Kacper Szurek - Jacob R

CVSS scores for CVE-2018-5955

  • CVSS v2 (Score Source: NIST)
    Base Score: 7.5
    Base Severity: HIGH
    CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
    Exploitability Score: 10.0
    Impact Score: 6.4
  • CVSS v3.0 (Score Source: NIST)
    Base Score: 9.8
    Base Severity: CRITICAL
    CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Exploitability Score: 3.9
    Impact Score: 5.9

CWE ids for CVE-2018-5955

  • The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
    Assigned by: nvd@nist.gov (Primary)
