CVE-2017-17418

{"id": "CVE-2017-17418", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-02-08T18:29:00.493", "references": [{"url": "https://zerodayinitiative.com/advisories/ZDI-17-983", "tags": ["Third Party Advisory", "VDB Entry"], "source": "zdi-disclosures@trendmicro.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Secondary", "source": "zdi-disclosures@trendmicro.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPolicy Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. Was ZDI-CAN-4229."}, {"lang": "es", "value": "Esta vulnerabilidad permite que los atacantes remotos ejecuten c\u00f3digo arbitrario en instalaciones vulnerables de Quest NetVault Backup 11.3.0.12. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. Este error en concreto existe en la gesti\u00f3n de peticiones de m\u00e9todo GET NVBUPolicy. El problema deriva de la falta de validaci\u00f3n correcta de una cadena proporcionada por el usuario antes de emplearla para construir consultas SQL. Un atacante podr\u00eda aprovecharse de esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de la base de datos subyacente. Anteriormente era ZDI-CAN-4229."}], "lastModified": "2019-10-09T23:25:33.097", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:quest:netvault_backup:11.3.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF09118D-83F5-41E0-A956-24922A284703"}], "operator": "OR"}]}], "sourceIdentifier": "zdi-disclosures@trendmicro.com"}