CVE-2019-11444

{"id": "CVE-2019-11444", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2019-04-22T11:29:05.830", "references": [{"url": "https://dev.liferay.com/discover/portal/-/knowledge_base/7-1/running-scripts-from-the-script-console", "source": "cve@mitre.org"}, {"url": "https://pentest.com.tr/exploits/Liferay-CE-Portal-Tomcat-7-1-2-ga3-Groovy-Console-Remote-Command-Execution-Metasploit.html", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/46525", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://dev.liferay.com/discover/portal/-/knowledge_base/7-1/running-scripts-from-the-script-console", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://pentest.com.tr/exploits/Liferay-CE-Portal-Tomcat-7-1-2-ga3-Groovy-Console-Remote-Command-Execution-Metasploit.html", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/46525", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay's Groovy script console to execute OS commands. Commands can be executed via a [command].execute() call, as demonstrated by \"def cmd =\" in the ServerAdminPortlet_script value to group/control_panel/manage. Valid credentials for an application administrator user account are required. NOTE: The developer disputes this as a vulnerability since it is a feature for administrators to run groovy scripts and therefore not a design flaw"}, {"lang": "es", "value": "** EN DISPUTA ** Fue encontrado un problema en Liferay Portal CE 7.1.2 GA3. Un atacante puede usar la consola de script Groovy de Liferay para ejecutar comandos del sistema operativo. Los comandos se pueden ejecutar mediante una llamada a [command].execute(), como lo demuestra \"def cmd =\" ??en el valor ServerAdminPortlet_script hacia group/control_panel/manage. Se requieren credenciales v\u00e1lidas para una cuenta de usuario administrador de la aplicaci\u00f3n. NOTA: El desarrollador cuestiona esto como una vulnerabilidad, ya que es una caracter\u00edstica para que los administradores ejecuten scripts en groovy , y en consecuencia, no es una fallo de dise\u00f1o."}], "lastModified": "2024-11-21T04:21:05.430", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:liferay:liferay_portal:7.1.2:ga3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B3B7D03-C4E0-4FAE-8BD9-04F12B1E7B50"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}