// For flags

CVE-2020-13151

Aerospike Database 5.1.0.3 - OS Command Execution

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

6
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.

Aerospike Community Edition versión 4.9.0.5, permite el envío y la ejecución no autenticada de funciones definidas por el usuario (UDF), escritas en Lua, como parte de una consulta de base de datos. Intenta restringir la ejecución del código al deshabilitar las llamadas a la función os.execute(), pero esto es insuficiente. Cualquier persona con acceso a la red puede utilizar una UDF diseñada para ejecutar comandos arbitrarios de Sistema Operativo en todos los nodos del clúster en el nivel de permiso del usuario que ejecuta el servicio de Aerospike

Aerospike Database version 5.1.0.3 suffers from a remote command execution vulnerability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-05-18 CVE Reserved
  • 2020-08-03 First Exploit
  • 2020-08-05 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-09-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Aerospike
Search vendor "Aerospike"
Aerospike Server
Search vendor "Aerospike" for product "Aerospike Server"
< 4.5.3.21
Search vendor "Aerospike" for product "Aerospike Server" and version " < 4.5.3.21"
community
Affected
Aerospike
Search vendor "Aerospike"
Aerospike Server
Search vendor "Aerospike" for product "Aerospike Server"
>= 4.6.0.1 < 4.6.0.19
Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.6.0.1 < 4.6.0.19"
community
Affected
Aerospike
Search vendor "Aerospike"
Aerospike Server
Search vendor "Aerospike" for product "Aerospike Server"
>= 4.7.0.1 < 4.7.0.17
Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.7.0.1 < 4.7.0.17"
community
Affected
Aerospike
Search vendor "Aerospike"
Aerospike Server
Search vendor "Aerospike" for product "Aerospike Server"
>= 4.8.0.1 < 4.8.0.13
Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.8.0.1 < 4.8.0.13"
community
Affected
Aerospike
Search vendor "Aerospike"
Aerospike Server
Search vendor "Aerospike" for product "Aerospike Server"
>= 4.9.0.1 < 4.9.0.10
Search vendor "Aerospike" for product "Aerospike Server" and version " >= 4.9.0.1 < 4.9.0.10"
community
Affected
Aerospike
Search vendor "Aerospike"
Aerospike Server
Search vendor "Aerospike" for product "Aerospike Server"
>= 5.0.0.1 < 5.0.0.7
Search vendor "Aerospike" for product "Aerospike Server" and version " >= 5.0.0.1 < 5.0.0.7"
community
Affected