CVE-2020-28054

{"id": "CVE-2020-28054", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-11-19T16:15:10.907", "references": [{"url": "https://tsmmanager.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://voidsec.com", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://voidsec.com/tivoli-madness/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://tsmmanager.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://voidsec.com", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://voidsec.com/tivoli-madness/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an attacker can request every Collector's functionality as if they were a properly logged-in user: administrating connected instances, reviewing logs, editing configurations, accessing the instances' consoles, accessing hardware configurations, etc.Exploiting this vulnerability won't grant an attacker access nor control on remote ISP servers as no credentials is sent with the request."}, {"lang": "es", "value": "JamoDat TSMManager Collector versiones hasta 6.5.0.21, es vulnerable a una Omisi\u00f3n de Autorizaci\u00f3n porque el componente Collector no est\u00e1 comprobando apropiadamente una sesi\u00f3n autenticada con el Viewer. Si el Viewer ha sido modificado (parcheado binario) y est\u00e1 siendo usada la funcionalidad Bypass Login, un atacante puede pedir la funcionalidad de cada recopilador como si fuera un usuario que inici\u00f3 sesi\u00f3n apropiadamente: administrando instancias conectadas, revisando registros, editando configuraciones, accediendo a las instancias de unas consolas, accediendo a configuraciones de hardware, etc. La explotaci\u00f3n de esta vulnerabilidad no garantiza a un atacante acceso ni control en los servidores de ISP remotos, ya que las credenciales no son enviadas con la petici\u00f3n"}], "lastModified": "2024-11-21T05:22:17.583", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tsmmanager:tsmmanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C49F1BFE-942F-481B-965B-5177F9131C28", "versionEndIncluding": "6.5.0.21"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}