CVE-2019-11552

Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user.

CVSS v3 7.0 HIGH
CVSS v2.0 4.4 MEDIUM

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://bordplate.no/blog/en/post/crashplan-privilege-escalation/	Exploit Third Party Advisory
https://code42.com/r/support/CVE-2019-11552	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:code42:code42_for_enterprise::::::::
	cpe:2.3:a:code42:code42_for_enterprise::::::::
	cpe:2.3:a:code42:code42_for_enterprise::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:code42:crashplan_for_small_business::::::::
	cpe:2.3:a:code42:crashplan_for_small_business::::::::
	cpe:2.3:a:code42:crashplan_for_small_business::::::::

History

18 Apr 2022, 17:01

Type	Values Removed	Values Added
CWE	~~CWE-434~~	CWE-94
References	~~(CONFIRM) https://code42.com/r/support/CVE-2019-11552 -~~	(CONFIRM) https://code42.com/r/support/CVE-2019-11552 - Vendor Advisory

Information

Published : 2019-07-19 14:15

Updated : 2024-02-04 20:20

NVD link : CVE-2019-11552

Mitre link : CVE-2019-11552

CVE.ORG link : CVE-2019-11552

JSON object : View

Products Affected

code42

code42_for_enterprise
crashplan_for_small_business

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2019-11552", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}]}, "published": "2019-07-19T14:15:12.297", "references": [{"url": "https://bordplate.no/blog/en/post/crashplan-privilege-escalation/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://code42.com/r/support/CVE-2019-11552", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user."}, {"lang": "es", "value": "Code42 Enterprise y Crashplan for Small Business Client versiones 6.7 anteriores a 6.7.5, versiones 6.8 anteriores a 6.8.8 y versiones 6.9 anteriores a 6.9.4, permite una inyecci\u00f3n eval. Un archivo de autoconfiguraci\u00f3n de proxy, dise\u00f1ado por un usuario menos privilegiado, puede ser usado para ejecutar c\u00f3digo arbitrario con un privilegio superior al de un usuario de servicio."}], "lastModified": "2022-04-18T17:01:25.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:code42:code42_for_enterprise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28E60B9E-F766-42C2-979C-A1432B1EEE6D", "versionEndExcluding": "6.7.5", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:a:code42:code42_for_enterprise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8567BB9A-5F40-45BE-A105-3203190A2C18", "versionEndExcluding": "6.8.8", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:a:code42:code42_for_enterprise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85A9B2FE-02C9-4E1A-8AB9-E60EB2DCC482", "versionEndExcluding": "6.9.4", "versionStartIncluding": "6.9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:code42:crashplan_for_small_business:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "969D004D-A8EA-4C09-913C-0D837C6645B7", "versionEndExcluding": "6.7.5", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:a:code42:crashplan_for_small_business:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29E9F36F-3722-4C5A-BC81-3473396FE50A", "versionEndExcluding": "6.8.8", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:a:code42:crashplan_for_small_business:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD2A4C11-7783-4055-AC24-E100F49A0593", "versionEndExcluding": "6.9.4", "versionStartIncluding": "6.9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}