CVE-2019-14224

An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr configuration files and then receive a JMX connection from the victim, and serve a Java object that results in deserialization and code execution.

CVSS v3 7.2 HIGH
CVSS v2.0 9.0 HIGH

7.2^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-14224-Authenticated%20Remote%20Code%20Execution-Alfresco%20Community	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:alfresco:alfresco:5.2:*:*:*:community:*:*:*

History

No history.

Information

Published : 2019-09-05 22:15

Updated : 2023-12-10 12:59

NVD link : CVE-2019-14224

Mitre link : CVE-2019-14224

CVE.ORG link : CVE-2019-14224

JSON object : View

Products Affected

alfresco

alfresco

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2019-14224", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2019-09-05T22:15:11.427", "references": [{"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-14224-Authenticated%20Remote%20Code%20Execution-Alfresco%20Community", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr configuration files and then receive a JMX connection from the victim, and serve a Java object that results in deserialization and code execution."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Alfresco Community Edition versi\u00f3n 5.2 201707. Mediante el aprovechamiento de m\u00faltiples componentes en las aplicaciones de Alfresco Software, se observ\u00f3 una cadena de explotaciones que permite a un atacante lograr la ejecuci\u00f3n de c\u00f3digo remota en la m\u00e1quina v\u00edctima. El atacante necesita cargar archivos de configuraci\u00f3n de Solr maliciosos y entonces recibir una conexi\u00f3n JMX de la v\u00edctima y servir un objeto Java lo que resulta en la deserializaci\u00f3n y ejecuci\u00f3n de c\u00f3digo."}], "lastModified": "2020-08-24T17:37:01.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:alfresco:alfresco:5.2:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "013417A2-71FD-4C37-9EC2-3CEA16CFBC85"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}