CVE-2020-24384

{"id": "CVE-2020-24384", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-11-10T14:15:10.617", "references": [{"url": "https://support.a10networks.com/support/security_advisory/acos-agalaxy-gui-rce-vulnerability-cve-2020-24384", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x are affected. aGalaxy versions 3.0.x, 3.2.x, and 5.0.x are affected."}, {"lang": "es", "value": "Las Interfaces de Usuario Graficas (GUIs) de administraci\u00f3n de A10 Networks ACOS y aGalaxy, presentan una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota (RCE) no autenticada que podr\u00eda ser usada para comprometer los sistemas ACOS afectados. Las versiones de ACOS 3.2.x (incluyendo y posteriores a 3.2.2), versiones 4.x y 5.1.x est\u00e1n afectadas. aGalaxy versiones 3.0.x, 3.2.x y 5.0.x est\u00e1n afectadas"}], "lastModified": "2020-11-24T18:01:41.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:a10networks:agalaxy:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5500256E-D48A-458D-ACCD-04CFFF02E865", "versionEndIncluding": "3.2.4", "versionStartIncluding": "3.2.1"}, {"criteria": "cpe:2.3:a:a10networks:agalaxy:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43397743-A284-41A8-972D-61BB362C4DA3", "versionEndExcluding": "5.0.5", "versionStartIncluding": "5.0.1"}, {"criteria": "cpe:2.3:a:a10networks:agalaxy:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE9B56DC-D45A-416E-AAC0-09B2D9D2CE93"}, {"criteria": "cpe:2.3:a:a10networks:agalaxy:3.0.4:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34AD3D63-8524-422A-8CE4-392DE6F74104"}, {"criteria": "cpe:2.3:a:a10networks:agalaxy:5.0.5:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC41B226-C249-4677-89CB-3787BD8F3B52"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6514C456-8CA5-4939-A80C-6A3081CC64F0"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:p8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28642F62-91FB-4F92-A4D1-53985F26FC75"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07E749B1-1A78-47B8-9BD4-0B5B6D95DBCE"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.3:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F305ADC-1134-4803-96FB-57C14822AF6B"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41F51E66-E577-424F-B74B-F306D49A802B"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.4:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EC8374A-A278-4263-80F3-746A887FBE82"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.5:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0ACFE471-EF10-4157-9236-13D6FEE298F7"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.5:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A22D257-3230-40BB-B50A-DD96EC5966AB"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.0.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20BA3258-B0A2-4A89-800B-2A9F4AC05761"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.0.1:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5DEA310-5EDE-4212-9D16-3067666A16FB"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18D0BE5E-B432-4F69-B6E9-EFF68AB04E86"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F4DC16D-4484-4C81-8F6C-288BD87A2073"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00FBA24A-2494-4C8C-A55F-5B215C4C18F7"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:p13:sp1:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "778A9624-7995-44E8-926C-82A3601DAD24"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD6BD1B0-D2A9-464E-945F-DEB1A7F944AD"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:p5:sp1:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "181C5A1C-19B7-4C19-AAFC-B417EA1C8CF9"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9631578F-ECEA-4215-B00E-79E89E191A09"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:gr1-p4:sp1:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFAA40FD-6A6C-45A7-81DE-2824FC972FBF"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.100:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC830D1C-11B9-4E2F-BB61-532D731E74F1"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.100:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39207A9E-8C7A-477C-A6EA-CCB68FF0F8E2"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:5.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B414EAFE-FB76-4B64-8781-E2653A38D9F2"}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:5.1.0:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "912D9FD6-D52E-42FA-9CF3-D84955E9907D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}