CVE-2020-15788

A vulnerability has been identified in Polarion Subversion Webclient (All versions). The Polarion subversion web application does not filter user input in a way that prevents Cross-Site Scripting. If a user is enticed into passing specially crafted, malicious input to the web client (e.g. by clicking on a malicious URL with embedded JavaScript), then JavaScript code can be returned and may then be executed by the user’s client. Various actions could be triggered by running malicious JavaScript code.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-436520.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:polarion_subversion_webclient:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-09-09 19:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-15788

Mitre link : CVE-2020-15788

CVE.ORG link : CVE-2020-15788

JSON object : View

Products Affected

siemens

polarion_subversion_webclient

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-80

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

{"id": "CVE-2020-15788", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2020-09-09T19:15:20.163", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436520.pdf", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Polarion Subversion Webclient (All versions). The Polarion subversion web application does not filter user input in a way that prevents Cross-Site Scripting. If a user is enticed into passing specially crafted, malicious input to the web client (e.g. by clicking on a malicious URL with embedded JavaScript), then JavaScript code can be returned and may then be executed by the user\u2019s client. Various actions could be triggered by running malicious JavaScript code."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Polarion Subversion Webclient (todas las versiones). La aplicaci\u00f3n web Polarion subversion no filtra la entrada del usuario de una manera que impide un Cross-Site Scripting. Si un usuario es tentado a pasar una entrada maliciosa especialmente dise\u00f1ada al cliente web (por ejemplo, al hacer clic en una URL maliciosa con JavaScript insertado), el c\u00f3digo JavaScript puede ser devuelto y luego ejecutado por el cliente del usuario. Varias acciones pueden ser activadas ejecutando c\u00f3digo JavaScript malicioso."}], "lastModified": "2020-09-14T20:38:54.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:polarion_subversion_webclient:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8C6D584-AB51-40BA-9E4E-1F635297738D"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}