CVE-2018-9246

{"id": "CVE-2018-9246", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-06-08T01:29:02.170", "references": [{"url": "https://archive.ledgersmb.org/ledger-smb-announce/msg00280.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-116"}]}], "descriptions": [{"lang": "en", "value": "The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application."}, {"lang": "es", "value": "El m\u00f3dulo PGObject::Util::DBAdmin en versiones anteriores a la 0.120.0 para Perl, tal y como se utiliza en LedgerSMB hasta la versi\u00f3n 1.5.x sanea o escapa insuficientemente los valores de variable que se emplean como parte de una ejecuci\u00f3n de comandos shell, lo que resulta en la inyecci\u00f3n de c\u00f3digo shell mediante las funciones create(), run_file(), backup() o restore(). La vulnerabilidad permite que usuarios no autorizados ejecuten c\u00f3digo con los mismos privilegios que la aplicaci\u00f3n que se est\u00e1 ejecutando."}], "lastModified": "2018-08-01T16:00:26.653", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pgobject-util-dbadmin_project:pgobject-util-dbadmin:*:*:*:*:*:perl:*:*", "vulnerable": true, "matchCriteriaId": "19AA986F-B73C-4BD6-9FFD-8A808B2D45B3", "versionEndExcluding": "0.120.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2369675-B321-4129-9FFF-9F305C4B32B0", "versionEndIncluding": "1.5.21", "versionStartIncluding": "1.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}