PT-2020-10311 · Selesta · Selesta Visual Access Manager

Published

2020-02-26

Updated

2021-07-21

CVE-2019-19992

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Selesta Visual Access Manager (VAM) versions 4.15.0 through 4.29

Description An issue allows a user with valid credentials to read XML files on the filesystem via the web interface. The PHP page /common/vam editXml.php does not check the parameter that identifies the file name to be read, allowing an attacker to manipulate the file name and access potentially sensitive files within the filesystem.

Recommendations For versions 4.15.0 through 4.29, consider restricting access to the /common/vam editXml.php page until a patch is available, and ensure that parameters identifying file names are properly validated to prevent unauthorized file access.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2019-19992

Affected Products

Selesta Visual Access Manager

PT-2020-10311 · Selesta · Selesta Visual Access Manager

CVE-2019-19992

Weakness Enumeration

Related Identifiers

Affected Products

References · 5