CVE-2020-7389 (GCVE-0-2020-7389)
Vulnerability from cvelistv5 – Published: 2021-07-22 18:27 – Updated: 2024-09-16 16:53
VLAI?
Summary
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.
Severity ?
5.5 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Credits
Jonathan Peterson, Aaron Herndon, Cale Black, Ryan Villarrea, and William Vu, all of Rapid7
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:49.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "X3",
"vendor": "Sage",
"versions": [
{
"lessThan": "Syracuse 9.22.7.2",
"status": "affected",
"version": "V9",
"versionType": "custom"
},
{
"lessThan": "Syracuse 11.25.2.6",
"status": "affected",
"version": "V11",
"versionType": "custom"
},
{
"lessThan": "Syracuse 12.10.2.8",
"status": "affected",
"version": "V12",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jonathan Peterson, Aaron Herndon, Cale Black, Ryan Villarrea, and William Vu, all of Rapid7"
}
],
"datePublic": "2021-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T18:27:15",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sage X3 Syracuse Missing Authentication for Critical Function in Developer Environment",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2021-07-07T13:05:00.000Z",
"ID": "CVE-2020-7389",
"STATE": "PUBLIC",
"TITLE": "Sage X3 Syracuse Missing Authentication for Critical Function in Developer Environment"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "X3",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V9",
"version_value": "Syracuse 9.22.7.2"
},
{
"version_affected": "\u003c",
"version_name": "V11",
"version_value": "Syracuse 11.25.2.6"
},
{
"version_affected": "\u003c",
"version_name": "V12",
"version_value": "Syracuse 12.10.2.8"
}
]
}
}
]
},
"vendor_name": "Sage"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Peterson, Aaron Herndon, Cale Black, Ryan Villarrea, and William Vu, all of Rapid7"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed",
"refsource": "MISC",
"url": "https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2020-7389",
"datePublished": "2021-07-22T18:27:15.586124Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T16:53:13.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0\", \"versionEndExcluding\": \"9.22.7.2\", \"matchCriteriaId\": \"B309D53E-8798-4CC9-A1DF-8BBA9E866E96\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:a:sage:x3:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10B7A74B-E751-45F7-9EE4-615ACEBD59D0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0\", \"versionEndExcluding\": \"11.25.2.6\", \"matchCriteriaId\": \"ECB10556-4774-47C1-9AAE-A1AFD5D613C8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:a:sage:x3:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"048ABAC1-817F-4D07-8382-FE37A43EAAA9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.0\", \"versionEndExcluding\": \"12.10.2.8\", \"matchCriteriaId\": \"D615B0F7-B0FA-4137-864A-2A742F480CCC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:a:sage:x3:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38F54117-5406-4CEC-9F4D-61AE27DE7AED\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.\"}, {\"lang\": \"es\", \"value\": \"Una Inyecci\\u00f3n de Comandos de la Variable CHAINE del Sistema en Sage X3. Un usuario autenticado con acceso de desarrollador puede pasar comandos del sistema operativo por medio de esta variable usada por la aplicaci\\u00f3n web. Tenga en cuenta que esta configuraci\\u00f3n para desarrolladores no debe desplegarse en producci\\u00f3n\"}]",
"id": "CVE-2020-7389",
"lastModified": "2024-11-21T05:37:09.920",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cve@rapid7.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 2.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-07-22T19:15:08.517",
"references": "[{\"url\": \"https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed\", \"source\": \"cve@rapid7.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.rapid7.com/blog/post/2021/07/07/cve-2020-7387-7390-multiple-sage-x3-vulnerabilities/\", \"source\": \"nvd@nist.gov\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
"sourceIdentifier": "cve@rapid7.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cve@rapid7.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-7389\",\"sourceIdentifier\":\"cve@rapid7.com\",\"published\":\"2021-07-22T19:15:08.517\",\"lastModified\":\"2024-11-21T05:37:09.920\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.\"},{\"lang\":\"es\",\"value\":\"Una Inyecci\u00f3n de Comandos de la Variable CHAINE del Sistema en Sage X3. Un usuario autenticado con acceso de desarrollador puede pasar comandos del sistema operativo por medio de esta variable usada por la aplicaci\u00f3n web. Tenga en cuenta que esta configuraci\u00f3n para desarrolladores no debe desplegarse en producci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@rapid7.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve@rapid7.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndExcluding\":\"9.22.7.2\",\"matchCriteriaId\":\"B309D53E-8798-4CC9-A1DF-8BBA9E866E96\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sage:x3:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10B7A74B-E751-45F7-9EE4-615ACEBD59D0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.25.2.6\",\"matchCriteriaId\":\"ECB10556-4774-47C1-9AAE-A1AFD5D613C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sage:x3:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048ABAC1-817F-4D07-8382-FE37A43EAAA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.10.2.8\",\"matchCriteriaId\":\"D615B0F7-B0FA-4137-864A-2A742F480CCC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sage:x3:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38F54117-5406-4CEC-9F4D-61AE27DE7AED\"}]}]}],\"references\":[{\"url\":\"https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed\",\"source\":\"cve@rapid7.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.rapid7.com/blog/post/2021/07/07/cve-2020-7387-7390-multiple-sage-x3-vulnerabilities/\",\"source\":\"nvd@nist.gov\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…