PT-2020-20608 · Isomorphic · Smartclient
Published
2020-02-23
·
Updated
2021-07-21
·
CVE-2020-9354
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
SmartClient version 12.0
Description
An issue was discovered in the Remote Procedure Call (RPC)
saveFile provided by the console functionality on the "/tools/developerConsoleOperations.jsp" (or "/isomorphic/IDACall") API endpoint. This allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. path traversal.Recommendations
For SmartClient version 12.0, consider disabling the
saveFile function until a patch is available to prevent file overwrites. Restrict access to the "/tools/developerConsoleOperations.jsp" and "/isomorphic/IDACall" API endpoints to minimize the risk of exploitation. Avoid using the saveFile functionality in the affected API endpoints until the issue is resolved.Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Smartclient