CVE-2018-1000138

{"id": "CVE-2018-1000138", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2018-03-23T21:29:00.457", "references": [{"url": "https://github.com/mkucej/i-librarian/blob/9535753a84bc615b210802d4c9542db73368d984/functions.php#L811", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/mkucej/i-librarian/issues/120", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "I, Librarian version 4.8 and earlier contains a SSRF vulnerability in \"url\" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources."}, {"lang": "es", "value": "I, Librarian en versiones 4.8 y anteriores contiene una vulnerabilidad de Server Side Request Forgery (SSRF) en el par\u00e1metro \"url\" de getFromWeb en functions.php. Esto puede dar como resultado que el atacante abuse de las funcionalidades de leer o actualizar recursos internos en el servidor."}], "lastModified": "2018-04-13T13:16:25.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:i-librarian:i_librarian:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD73090A-7B0E-4D1F-98D2-4F9933C75121", "versionEndIncluding": "4.8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}