CVE-2019-11215

Severity Score (CVSS v3.1): 8.1
Exploit Likelihood (EPSS):
Affected Versions (CPE):
Public Exploits (Multiple Sources): 0
Exploited in Wild (KEV): -
Decision (SSVC): -

Descriptions

In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during upgrade; in certain cases, an error during modification of the file from the web interface leaves the file writable (can be triggered with XSS); a race condition can be triggered by the hub-connector module (community version only from 2.4.1 to 2.6.0); or editing the file in a CLI.

*Credits: N/A
CVSS Scores

CVSS v3.1 (base score 8.1)
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2019-04-12 CVE Reserved
  • 2020-02-14 CVE Published
  • 2024-05-11 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
Affected Vendors, Products, and Versions

Vendor   Product  Version             Other      Status
Combodo  Itop     >= 2.2.0 <= 2.4.0   -          Affected
Combodo  Itop     >= 2.4.1 <= 2.6.0   community  Affected