6 vulnerabilities found for Secdo by Secdo
CVE-2020-1984 (GCVE-0-2020-1984)
Vulnerability from cvelistv5 – Published: 2020-04-08 18:41 – Updated: 2024-09-17 04:20
Summary
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk (C:\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows.
Severity ?
7.8 (High)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
palo_alto
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1984 | x_refsource_MISC |
Credits
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1984"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Secdo",
"vendor": "Secdo",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"datePublic": "2020-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1984"
}
],
"solutions": [
{
"lang": "en",
"value": "This product is no longer supported and the issue is not going to be fixed. The issue can be completely mitigated by ensuring that unprivileged users do not have \u0027create folder\u0027 access on the root of the filesystem such as C:\\ or on a folder named C:\\Common."
}
],
"source": {
"defect": [
"PDV-1613"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"title": "Secdo: Privilege escalation via hardcoded script path",
"workarounds": [
{
"lang": "en",
"value": "This issue can be mitigated by :\n- Ensure unprivileged users do not have \u0027create folder\u0027 access on the root of filesystem such as C:\\.\nor\n- Creating a folder named C:\\Common and ensuring unprivileged users do not have \u0027create folder\u0027 access."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1984",
"STATE": "PUBLIC",
"TITLE": "Secdo: Privilege escalation via hardcoded script path"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Secdo",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Secdo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73 External Control of File Name or Path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1984",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1984"
}
]
},
"solution": [
{
"lang": "en",
"value": "This product is no longer supported and the issue is not going to be fixed. The issue can be completely mitigated by ensuring that unprivileged users do not have \u0027create folder\u0027 access on the root of the filesystem such as C:\\ or on a folder named C:\\Common."
}
],
"source": {
"defect": [
"PDV-1613"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue can be mitigated by :\n- Ensure unprivileged users do not have \u0027create folder\u0027 access on the root of filesystem such as C:\\.\nor\n- Creating a folder named C:\\Common and ensuring unprivileged users do not have \u0027create folder\u0027 access."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1984",
"datePublished": "2020-04-08T18:41:58.264586Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-17T04:20:08.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1985 (GCVE-0-2020-1985)
Vulnerability from cvelistv5 – Published: 2020-04-08 18:41 – Updated: 2024-09-16 18:28
Summary
Incorrect Default Permissions on the C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions of Secdo for Windows.
Severity ?
7.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
palo_alto
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1985 | x_refsource_MISC |
Credits
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1985"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Secdo",
"vendor": "Secdo",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"datePublic": "2020-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Default Permissions on C:\\Programdata\\Secdo\\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1985"
}
],
"solutions": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. Change permission on C:\\Programdata\\Secdo\\Logs folder to not allow unprivileged users access."
}
],
"source": {
"defect": [
"PDV-1614"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"title": "Secdo: Incorrect Default Permissions",
"workarounds": [
{
"lang": "en",
"value": "Change permission on C:\\Programdata\\Secdo\\Logs to not allow unprivileged users access."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1985",
"STATE": "PUBLIC",
"TITLE": "Secdo: Incorrect Default Permissions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Secdo",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Secdo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Default Permissions on C:\\Programdata\\Secdo\\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276 Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1985",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1985"
}
]
},
"solution": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. Change permission on C:\\Programdata\\Secdo\\Logs folder to not allow unprivileged users access."
}
],
"source": {
"defect": [
"PDV-1614"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Change permission on C:\\Programdata\\Secdo\\Logs to not allow unprivileged users access."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1985",
"datePublished": "2020-04-08T18:41:58.303212Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-16T18:28:43.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1986 (GCVE-0-2020-1986)
Vulnerability from cvelistv5 – Published: 2020-04-08 18:41 – Updated: 2024-09-16 20:26
Summary
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk (C:\) to cause a system crash on every login. This issue affects all versions of Secdo for Windows.
Severity ?
5.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
palo_alto
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1986 | x_refsource_MISC |
Credits
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1986"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Secdo",
"vendor": "Secdo",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"datePublic": "2020-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation vulnerability in Secdo allows an authenticated local user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to cause a system crash on every login. This issue affects all versions Secdo for Windows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1986"
}
],
"solutions": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. This issue can be easily mitigated by creating a \"C:\\proc\" folder and not allowing unprivileged users to access to that folder, or ensuring unprivileged users do not have \u0027create folder\u0027 access to the root of a disk (C:\\)."
}
],
"source": {
"defect": [
"PDV-1615"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"title": "Secdo: Local authenticated users can cause Windows system crash",
"workarounds": [
{
"lang": "en",
"value": "Exploitation of this issue can be prevented by creating a \"C:\\proc\" folder and not allowing unprivileged users to access that folder."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1986",
"STATE": "PUBLIC",
"TITLE": "Secdo: Local authenticated users can cause Windows system crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Secdo",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Secdo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation vulnerability in Secdo allows an authenticated local user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to cause a system crash on every login. This issue affects all versions Secdo for Windows."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1986",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1986"
}
]
},
"solution": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. This issue can be easily mitigated by creating a \"C:\\proc\" folder and not allowing unprivileged users to access to that folder, or ensuring unprivileged users do not have \u0027create folder\u0027 access to the root of a disk (C:\\)."
}
],
"source": {
"defect": [
"PDV-1615"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Exploitation of this issue can be prevented by creating a \"C:\\proc\" folder and not allowing unprivileged users to access that folder."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1986",
"datePublished": "2020-04-08T18:41:58.340011Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-16T20:26:16.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1984 (GCVE-0-2020-1984)
Vulnerability from nvd – Published: 2020-04-08 18:41 – Updated: 2024-09-17 04:20
Summary
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk (C:\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows.
Severity ?
7.8 (High)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
palo_alto
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1984 | x_refsource_MISC |
Credits
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1984"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Secdo",
"vendor": "Secdo",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"datePublic": "2020-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1984"
}
],
"solutions": [
{
"lang": "en",
"value": "This product is no longer supported and the issue is not going to be fixed. The issue can be completely mitigated by ensuring that unprivileged users do not have \u0027create folder\u0027 access on the root of the filesystem such as C:\\ or on a folder named C:\\Common."
}
],
"source": {
"defect": [
"PDV-1613"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"title": "Secdo: Privilege escalation via hardcoded script path",
"workarounds": [
{
"lang": "en",
"value": "This issue can be mitigated by :\n- Ensure unprivileged users do not have \u0027create folder\u0027 access on the root of filesystem such as C:\\.\nor\n- Creating a folder named C:\\Common and ensuring unprivileged users do not have \u0027create folder\u0027 access."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1984",
"STATE": "PUBLIC",
"TITLE": "Secdo: Privilege escalation via hardcoded script path"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Secdo",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Secdo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73 External Control of File Name or Path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1984",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1984"
}
]
},
"solution": [
{
"lang": "en",
"value": "This product is no longer supported and the issue is not going to be fixed. The issue can be completely mitigated by ensuring that unprivileged users do not have \u0027create folder\u0027 access on the root of the filesystem such as C:\\ or on a folder named C:\\Common."
}
],
"source": {
"defect": [
"PDV-1613"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue can be mitigated by :\n- Ensure unprivileged users do not have \u0027create folder\u0027 access on the root of filesystem such as C:\\.\nor\n- Creating a folder named C:\\Common and ensuring unprivileged users do not have \u0027create folder\u0027 access."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1984",
"datePublished": "2020-04-08T18:41:58.264586Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-17T04:20:08.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1985 (GCVE-0-2020-1985)
Vulnerability from nvd – Published: 2020-04-08 18:41 – Updated: 2024-09-16 18:28
Summary
Incorrect Default Permissions on the C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions of Secdo for Windows.
Severity ?
7.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
palo_alto
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1985 | x_refsource_MISC |
Credits
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1985"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Secdo",
"vendor": "Secdo",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"datePublic": "2020-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Default Permissions on C:\\Programdata\\Secdo\\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1985"
}
],
"solutions": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. Change permission on C:\\Programdata\\Secdo\\Logs folder to not allow unprivileged users access."
}
],
"source": {
"defect": [
"PDV-1614"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"title": "Secdo: Incorrect Default Permissions",
"workarounds": [
{
"lang": "en",
"value": "Change permission on C:\\Programdata\\Secdo\\Logs to not allow unprivileged users access."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1985",
"STATE": "PUBLIC",
"TITLE": "Secdo: Incorrect Default Permissions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Secdo",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Secdo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Default Permissions on C:\\Programdata\\Secdo\\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276 Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1985",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1985"
}
]
},
"solution": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. Change permission on C:\\Programdata\\Secdo\\Logs folder to not allow unprivileged users access."
}
],
"source": {
"defect": [
"PDV-1614"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Change permission on C:\\Programdata\\Secdo\\Logs to not allow unprivileged users access."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1985",
"datePublished": "2020-04-08T18:41:58.303212Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-16T18:28:43.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1986 (GCVE-0-2020-1986)
Vulnerability from nvd – Published: 2020-04-08 18:41 – Updated: 2024-09-16 20:26
Summary
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk (C:\) to cause a system crash on every login. This issue affects all versions of Secdo for Windows.
Severity ?
5.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
palo_alto
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1986 | x_refsource_MISC |
Credits
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1986"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Secdo",
"vendor": "Secdo",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"datePublic": "2020-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation vulnerability in Secdo allows an authenticated local user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to cause a system crash on every login. This issue affects all versions Secdo for Windows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1986"
}
],
"solutions": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. This issue can be easily mitigated by creating a \"C:\\proc\" folder and not allowing unprivileged users to access to that folder, or ensuring unprivileged users do not have \u0027create folder\u0027 access to the root of a disk (C:\\)."
}
],
"source": {
"defect": [
"PDV-1615"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"title": "Secdo: Local authenticated users can cause Windows system crash",
"workarounds": [
{
"lang": "en",
"value": "Exploitation of this issue can be prevented by creating a \"C:\\proc\" folder and not allowing unprivileged users to access that folder."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1986",
"STATE": "PUBLIC",
"TITLE": "Secdo: Local authenticated users can cause Windows system crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Secdo",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Secdo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation vulnerability in Secdo allows an authenticated local user with \u0027create folders or append data\u0027 access to the root of the OS disk (C:\\) to cause a system crash on every login. This issue affects all versions Secdo for Windows."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1986",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1986"
}
]
},
"solution": [
{
"lang": "en",
"value": "This product is no longer supported and the issue will not be fixed. This issue can be easily mitigated by creating a \"C:\\proc\" folder and not allowing unprivileged users to access to that folder, or ensuring unprivileged users do not have \u0027create folder\u0027 access to the root of a disk (C:\\)."
}
],
"source": {
"defect": [
"PDV-1615"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Exploitation of this issue can be prevented by creating a \"C:\\proc\" folder and not allowing unprivileged users to access that folder."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1986",
"datePublished": "2020-04-08T18:41:58.340011Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-16T20:26:16.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}