CVE-2020-13151
Aerospike Database 5.1.0.3 - OS Command Execution
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
6Exploited in Wild
-Decision
Descriptions
Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.
Aerospike Community Edition versión 4.9.0.5, permite el envío y la ejecución no autenticada de funciones definidas por el usuario (UDF), escritas en Lua, como parte de una consulta de base de datos. Intenta restringir la ejecución del código al deshabilitar las llamadas a la función os.execute(), pero esto es insuficiente. Cualquier persona con acceso a la red puede utilizar una UDF diseñada para ejecutar comandos arbitrarios de Sistema Operativo en todos los nodos del clúster en el nivel de permiso del usuario que ejecuta el servicio de Aerospike
Aerospike Database version 5.1.0.3 suffers from a remote command execution vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-05-18 CVE Reserved
- 2020-08-03 First Exploit
- 2020-08-05 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://www.aerospike.com/docs/operations/manage/udfs |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.aerospike.com/download/server/notes.html#5.1.0.3 | 2023-01-28 | |
| https://www.aerospike.com/enterprise/download/server/notes.html#5.1.0.3 | 2020-07-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Aerospike Search vendor "Aerospike" | Aerospike Server Search vendor "Aerospike" for product "Aerospike Server" | < 4.5.3.21 Search vendor "Aerospike" for product "Aerospike Server" and version " < 4.5.3.21" | community |
Affected
| ||||||
| Aerospike Search vendor "Aerospike" | Aerospike Server Search vendor "Aerospike" for product "Aerospike Server" | >= 4.6.0.1 < 4.6.0.19 Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.6.0.1 < 4.6.0.19" | community |
Affected
| ||||||
| Aerospike Search vendor "Aerospike" | Aerospike Server Search vendor "Aerospike" for product "Aerospike Server" | >= 4.7.0.1 < 4.7.0.17 Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.7.0.1 < 4.7.0.17" | community |
Affected
| ||||||
| Aerospike Search vendor "Aerospike" | Aerospike Server Search vendor "Aerospike" for product "Aerospike Server" | >= 4.8.0.1 < 4.8.0.13 Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.8.0.1 < 4.8.0.13" | community |
Affected
| ||||||
| Aerospike Search vendor "Aerospike" | Aerospike Server Search vendor "Aerospike" for product "Aerospike Server" | >= 4.9.0.1 < 4.9.0.10 Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.9.0.1 < 4.9.0.10" | community |
Affected
| ||||||
| Aerospike Search vendor "Aerospike" | Aerospike Server Search vendor "Aerospike" for product "Aerospike Server" | >= 5.0.0.1 < 5.0.0.7 Search vendor "Aerospike" for product "Aerospike Server" and version " >= 5.0.0.1 < 5.0.0.7" | community |
Affected
| ||||||