Search criteria
6 vulnerabilities found for exfat_driver by asustor
FKIE_CVE-2019-11688
Vulnerability from fkie_nvd - Published: 2020-03-18 15:15 - Updated: 2024-11-21 04:21
Severity ?
Summary
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.asustor.com/app_central/app_detail?id=776 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.asustor.com/app_central/app_detail?id=776 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asustor | exfat_driver | 1.0.0 | |
| asustor | exfat_driver | 1.0.0 | |
| asustor | exfat_driver | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asustor:exfat_driver:1.0.0:r14:*:*:*:*:*:*",
"matchCriteriaId": "90D17D19-2591-45EB-A250-4CE98A6CAD8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asustor:exfat_driver:1.0.0:r15:*:*:*:*:*:*",
"matchCriteriaId": "47ACBAA6-66D1-47F3-AE60-8768C48F7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asustor:exfat_driver:1.0.0:r20:*:*:*:*:*:*",
"matchCriteriaId": "1468FC2D-F6A0-457B-AB2F-0494D91F70CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSTOR exFAT Driver versiones hasta 1.0.0.r20. Al dirigir la comprobaci\u00f3n de licencia, exfat.cgi y exfatctl aceptan cualquier certificado de asustornasapi.asustor.com. En otras palabras, se presenta una Falta de Comprobaci\u00f3n del Certificado SSL."
}
],
"id": "CVE-2019-11688",
"lastModified": "2024-11-21T04:21:35.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-18T15:15:11.737",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-11689
Vulnerability from fkie_nvd - Published: 2020-03-18 15:15 - Updated: 2024-11-21 04:21
Severity ?
Summary
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.asustor.com/app_central/app_detail?id=776 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.asustor.com/app_central/app_detail?id=776 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asustor | exfat_driver | 1.0.0 | |
| asustor | exfat_driver | 1.0.0 | |
| asustor | exfat_driver | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asustor:exfat_driver:1.0.0:r14:*:*:*:*:*:*",
"matchCriteriaId": "90D17D19-2591-45EB-A250-4CE98A6CAD8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asustor:exfat_driver:1.0.0:r15:*:*:*:*:*:*",
"matchCriteriaId": "47ACBAA6-66D1-47F3-AE60-8768C48F7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asustor:exfat_driver:1.0.0:r20:*:*:*:*:*:*",
"matchCriteriaId": "1468FC2D-F6A0-457B-AB2F-0494D91F70CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSTOR exFAT Driver versiones hasta 1.0.0.r20. Al dirigir la comprobaci\u00f3n de licencia, exfat.cgi y exfatctl presenta un fallo al comprobar apropiadamente las respuestas del servidor y pasan texto no saneado hacia el shell del sistema, resultando en una ejecuci\u00f3n del c\u00f3digo como root."
}
],
"id": "CVE-2019-11689",
"lastModified": "2024-11-21T04:21:35.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-18T15:15:11.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-11689 (GCVE-0-2019-11689)
Vulnerability from cvelistv5 – Published: 2020-03-18 14:59 – Updated: 2024-08-04 23:03
VLAI?
Summary
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T14:59:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asustor.com/app_central/app_detail?id=776",
"refsource": "MISC",
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"name": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md",
"refsource": "MISC",
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11689",
"datePublished": "2020-03-18T14:59:34",
"dateReserved": "2019-05-02T00:00:00",
"dateUpdated": "2024-08-04T23:03:32.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11688 (GCVE-0-2019-11688)
Vulnerability from cvelistv5 – Published: 2020-03-18 14:58 – Updated: 2024-08-04 23:03
VLAI?
Summary
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T14:58:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asustor.com/app_central/app_detail?id=776",
"refsource": "MISC",
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"name": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md",
"refsource": "MISC",
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11688",
"datePublished": "2020-03-18T14:58:47",
"dateReserved": "2019-05-02T00:00:00",
"dateUpdated": "2024-08-04T23:03:32.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11689 (GCVE-0-2019-11689)
Vulnerability from nvd – Published: 2020-03-18 14:59 – Updated: 2024-08-04 23:03
VLAI?
Summary
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T14:59:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asustor.com/app_central/app_detail?id=776",
"refsource": "MISC",
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"name": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md",
"refsource": "MISC",
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11689",
"datePublished": "2020-03-18T14:59:34",
"dateReserved": "2019-05-02T00:00:00",
"dateUpdated": "2024-08-04T23:03:32.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11688 (GCVE-0-2019-11688)
Vulnerability from nvd – Published: 2020-03-18 14:58 – Updated: 2024-08-04 23:03
VLAI?
Summary
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T14:58:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asustor.com/app_central/app_detail?id=776",
"refsource": "MISC",
"url": "https://www.asustor.com/app_central/app_detail?id=776"
},
{
"name": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md",
"refsource": "MISC",
"url": "https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11688",
"datePublished": "2020-03-18T14:58:47",
"dateReserved": "2019-05-02T00:00:00",
"dateUpdated": "2024-08-04T23:03:32.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}