CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2CVE-2020-24815
https://notcve.org/view.php?id=CVE-2020-24815
A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) afectando la generación de PDF en MicroStrategy versiones 10.4, 2019 anterior al Update 6 y 2020 anterior al Update 2, permite a usuarios autenticados acceder al contenido de los recursos de la red interna o filtrar archivos de sistema local por medio de contenedores HTML integrados en un documento dossier/dashboard. NOTA: versión 10.4., ninguna solución será publicada ya que la versión llegará al final de su vida útil el 31/12/2020 • https://github.com/darkvirus-7x/exploit-CVE-2020-24815 http://microstrategy.com https://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_US https://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2020-11454 – MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution
https://notcve.org/view.php?id=CVE-2020-11454
Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. In order to exploit this vulnerability, a user needs to get access to a shared dashboard or have the ability to create a dashboard on the application. Microstrategy Web versión 10.4, es vulnerable a un ataque de tipo XSS almacenado en las funcionalidades HTML Container y Insert Text, permitiendo la creación de un nuevo panel. A fin de explotar esta vulnerabilidad, un usuario necesita tener acceso a un panel compartido o tener la capacidad de crear un panel en la aplicación. MicroStrategy Intelligence Server and Web version 10.4 suffers from remote code execution, cross site scripting, server-side request forgery, and information disclosure vulnerabilities. • http://packetstormsecurity.com/files/157068/MicroStrategy-Intelligence-Server-And-Web-10.4-XSS-Disclosure-SSRF-Code-Execution.html http://seclists.org/fulldisclosure/2020/Apr/1 https://community.microstrategy.com/s/article/Web-Services-Security-Vulnerability https://www.redtimmy.com/web-application-hacking/another-ssrf-another-rce-the-microstrategy-case • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 31%CPEs: 1EXPL: 2CVE-2020-11453 – MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution
https://notcve.org/view.php?id=CVE-2020-11453
Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit it to conduct port scanning. An attacker could exploit this vulnerability to enumerate the resources allocated in the network (IP addresses and services exposed). NOTE: MicroStrategy is unable to reproduce the issue reported in any version of its product **DISPUTA** Microstrategy Web versión 10.4, es vulnerable a un ataque de tipo Server-Side Request Forgery en la funcionalidad Test Web Service expuesta por medio de la ruta /MicroStrategyWS/. La funcionalidad no requiere autenticación y, aunque no es posible pasar parámetros en la petición SSRF, aún es posible explotarla para conducir un escaneo de puertos. • http://packetstormsecurity.com/files/157068/MicroStrategy-Intelligence-Server-And-Web-10.4-XSS-Disclosure-SSRF-Code-Execution.html http://seclists.org/fulldisclosure/2020/Apr/1 https://community.microstrategy.com/s/article/Web-Services-Security-Vulnerability https://www.redtimmy.com/web-application-hacking/another-ssrf-another-rce-the-microstrategy-case • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-18696
https://notcve.org/view.php?id=CVE-2018-18696
main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. NOTE: The vendor claims that documentation for preventing a CSRF attack has been provided (https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-Web-9-0?language=en_US) and disagrees that this issue is a vulnerability. They also claim that MicroStrategy was never properly informed of this issue via normal support channels or their vulnerability reporting page on their website, so they were unable to evaluate the report or explain how this is something their customers view as a feature and not a security vulnerability ** EN DISPUTA ** main.aspx en Microstrategy Analytics 10.4.0026.0049 y anteriores tiene Cross-Site Request Forgery (CSRF). NOTA: El fabricante alega que ha provisto documentación para prevenir un ataque CSRF (https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-Web-9-0? • https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-Web-9-0?language=en_US https://raw.githubusercontent.com/Siros96/MicroStrategy_CSRF/master/PoC https://seclists.org/bugtraq/2018/Dec/3 • CWE-352: Cross-Site Request Forgery (CSRF) •