CVE-2020-11977 : In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow

In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution.

Published 2020-09-15 20:15:13

Updated 2020-09-24 13:42:34

Source Apache Software Foundation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2020-11977

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 22 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-11977

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.5	HIGH	AV:N/AC:M/Au:S/C:C/I:C/A:C	6.8	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2020-11977

https://syncope.apache.org/security#CVE-2020-11977:_Remote_Code_Execution_via_Flowable_workflow_definition

Apache Syncope – Security Advisories
Vendor Advisory

Products affected by CVE-2020-11977

Apache » Syncope
Versions from including (>=) 2.1.0 and before (<) 2.1.7
cpe:2.3:a:apache:syncope:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2020-11977

Exploit prediction scoring system (EPSS) score for CVE-2020-11977

CVSS scores for CVE-2020-11977

References for CVE-2020-11977

Products affected by CVE-2020-11977