PT-2019-12149 · Mirasys · Mirasys Vms

Joachim Kerschbaumer · Published 2019-08-22 · Updated 2019-08-30 · CVE-2019-11029

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Mirasys VMS versions prior to 7.6.1
Mirasys VMS versions 8.x prior to 8.3.2

Description
The Download() method of AutoUpdateService in SMServer.exe does not properly validate the requested file path, leading to directory traversal. An attacker can pass `..` sequences to this method to walk through lists of interesting system files and download them without prior authentication. This includes SAM-database backups, Web.config files, etc., and can have a serious impact on confidentiality.

Recommendations
For versions prior to 7.6.1, update to version 7.6.1 or later. For versions 8.x prior to 8.3.2, update to version 8.3.2 or later.

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2019-11029

Affected Products

Mirasys Vms