
CVE-2019-11029


  • Severity Score: 7.5 (*CVSS v3)
  • Exploit Likelihood: *EPSS
  • Affected Versions: *CPE
  • Public Exploits: 0 (*Multiple Sources)
  • Exploited in Wild: - (*KEV)
  • Decision: - (*SSVC)
Descriptions

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This includes SAM-database backups, Web.config files, etc. and might cause a serious impact on confidentiality.


*Credits: N/A
CVSS Scores
CVSS v3
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: None
  • Availability: None
CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: None
  • Availability: None
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2019-04-09 CVE Reserved
  • 2019-08-22 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Mirasys | Mirasys Vms | < 7.6.1 | - | Affected
Mirasys | Mirasys Vms | >= 8.0.0 < 8.3.2 | - | Affected