Vulnerability Details : CVE-2020-8429
Potential exploit
The Admin web application in Kinetica 7.0.9.2.20191118151947 does not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. The logFile parameter in the getLogs function was used as a variable in a command to read log files; however, due to poor input sanitisation, it was possible to bypass a replacement and break out of the command.
Products affected by CVE-2020-8429
- cpe:2.3:a:kinetica:kinetica:7.0.9.2.20191118151947:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-8429
- EPSS score: 0.45% (probability of exploitation activity in the next 30 days)
- Percentile: ~63% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2020-8429
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0 | HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C | 8.0 | 10.0 | NIST | |
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | |
CWE ids for CVE-2020-8429
- The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-8429
- https://support.kinetica.com/hc/en-us/categories/360001223653-Release-Notes
  Release Notes – Kinetica (Release Notes; Vendor Advisory)
- https://www.nccgroup.trust/uk/our-research/technical-advisory-command-injection/?research=Technical+advisories
  Technical Advisory: Command Injection (Exploit; Third Party Advisory)