CVE-2019-12491

Published Jun 19, 2019

Last updated 4 years ago

CVSS medium 6.6

Overview

Description: OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud (e.g. by renting one). From the source server, the attacker can craft any command and trigger the OnApp platform to execute that command with root privileges on a target server.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.6
Impact score: 5.9
Exploitability score: 0.7
Vector string: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 10
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.0.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69BF3143-8278-44A5-BB1E-8462AFAE6287"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.0.0:update_79:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87B6C40F-79D8-4F42-826B-A17EE058F840"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.0.0:update_82:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A1B417A-3F71-4C50-A401-22BEA5B9900D"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.0.0:update_83:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF369ABD-A067-4F88-9701-B1D29D8C9C8C"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.0.0:update_87:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B7F41F4-D1A1-4D96-A34F-4DD9CC5BFF88"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.1.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CDD6842-61D8-45F8-8E09-59C879EFFA57"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.1.0:update_16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78A46C1B-EBD7-4F55-BDFB-2C5FE3346645"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.2.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9C410DD-DDDB-494B-85AA-D57E7C2EEF5A"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.3.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58733EB6-0FD5-44FE-A945-EF1C51DEB393"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.3.0:update_41:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51A425DD-0C54-4A4E-8C19-584B79A40EC0"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC8502AE-F953-4F55-86A0-42778C3ADD47"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:update_66:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E1DE84C-797A-4D82-B720-4974D9913FAC"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:update_70:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A0F175-D2B5-43EA-9C96-F744A5E65D54"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:update_72:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E36D51F2-239B-4811-85B7-08B9DAE6E5F5"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:update_76:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEB6DAEB-849F-45B6-9DED-D62C51BFF98E"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:update_82:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77D77706-2F27-4627-BD2F-C62864A34299"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.4.0:update_84:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01D036DF-93D1-47A4-A777-883BEDF98B30"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "975A8215-3F78-4DF2-BC87-29AB082BD61A"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_50:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEA161ED-B632-4C8B-8E25-D2E1F36C3E9B"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_59:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9ED8855-F152-4D49-B46B-7280DE737D6C"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_65:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C5A9584-2CBA-41C0-BADF-9D3670D2CBD1"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_75:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFD915B0-7AD7-4D5F-A403-CDCDF1944A54"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_80:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF1AC10E-BA79-4004-8282-492A3177F689"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_83:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FDD17AA-5692-4436-BC02-AAF19D557465"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_87:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28C048A2-0D03-493B-960F-47BA7BC02D36"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_90:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAD77CE0-0772-4826-A30A-A1452BD1205B"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.5.0:update_92:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C337521B-6DFF-4447-9FA0-FDCC5F6A19F1"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.6.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F5CC2B4-3D43-4288-B3D1-AE60056AEFAD"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.6.0:update_83:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9B4D1BD-054A-4063-A7F4-2B7671A6ADD9"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.7.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FE7B614-42CC-4DDF-AE9B-DE63C0B2086C"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.8.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E571EC0-2A81-4043-A4C6-6B99D23B1894"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.9.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0432345-33B6-4513-8F10-A858722C85BC"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:5.10.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CA56794-CDBC-4F05-8250-4050C00053B1"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0:update_122:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D796CB9-2C7C-4A26-BE66-3E0F5EAF2827"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0:update_152:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B76B395-3E2E-4DEC-A0F0-74BDA785D23C"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0:update_159:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "180E2DE5-6885-4C68-B07B-404AF16B4182"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0:update_62:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CABB0B6-CE8C-47F1-A392-97FA4A4A4B7B"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0:update_80:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DC4588B-6E6D-457D-B895-34D3E63CDA3F"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0:update_98:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7992AA07-B6C1-474F-A07B-52E8C175A91C"
          },
          {
            "criteria": "cpe:2.3:a:onapp:onapp:6.0.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB1227A4-F5A2-49DF-A689-F0AD5FF759D8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References