'[FD] CVE-2021-40680: Artica Proxy VMWare Appliance 4.30.000000 <=[SP273] Rev.1'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] CVE-2021-40680: Artica Proxy VMWare Appliance 4.30.000000 <=[SP273] Rev.1
From:       Heiko Feldhusen via Fulldisclosure <fulldisclosure () seclists ! org>
Date:       2022-04-19 5:22:33
Message-ID: 886201bf94bd4685a300f82e830ab56e () rheinmetall-cyber ! solutions
[Download RAW message or body]

---------------------------------------------------------------

> [Vulnerability Type]

> > Directory Traversal

---------------------------------------------------------------

> [Additional Information]

> > Advisory ID: RCS20210707-0 Product: Artica Proxy VMWare

> > Appliance Vendor/Manufacturer: ArticaTech

> > (https://www.articatech.com) Affected Version(s):

> > 4.30.000000 <={SP273] Tested Version(s): 4.30.000000

> > {SP273] Vulnerability Type: Relative path traversal

> > {CWE-23], Improper Limitation of a Pathname to a restricted

> > Directory {CWE-22], {CWE 35], {CWE 36], {CAPEC-126] CVSS

> > v3.1 Risk Level: High CVSS v3.1 Risk Score: 8.1 CVSS v3.1

> > Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS

> > v3.0 Risk Level: High CVSS v3.0 Risk Score: 8.1 CVSS v3.0

> > Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS

> > v2.0 Risk Level: High CVSS v2.0 Base Score: 7.8 CVSS v2.0

> > Temporal Score: 6.1 CVSS v2.0 Vector:

> > CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N CVSS v2.0 Temporal Vector:

> > CVSS2#E:POC/RL:OF/RC:C Solution Status: Fixed in Version

> > 4.30.000000 {SP273] Manufacturer Notification: 5th July

> > 2021 Solution Date: 9th August 2021 Public Disclosure:

> > 26.08.2021 CVE Reference: Author of Advisory: Heiko

> > Feldhusen, Rheinmetall Cyber Solutions GmbH

---------------------------------------------------------------

> [Affected Component]

> > Web-Filtering Page

---------------------------------------------------------------

> [Attack Type]

> > Remote

---------------------------------------------------------------

> [Impact Information Disclosure]

> > true

---------------------------------------------------------------

> [Attack Vectors]

> > simply using the url of the product within a

> > standard-browser

---------------------------------------------------------------

> [Has vendor confirmed]

> > true

---------------------------------------------------------------

> [Discoverer]

> > Heiko Feldhusen, Rheinmetall-Cyber-Solutions

---------------------------------------------------------------

> [Reference]

> > https://seclists.org/fulldisclosure/2021/Sep/6<%20https:/seclists.org/fulldisclosure/2021/Sep/6>
> > 

> > http://articatech.net/service-packs-unstable-new.php?patch=273&main=4.30.000000<%20http:/articatech.net/service-packs-unstable-new.php?patch=273&main=4.30.000000>
> > 

---------------------------------------------------------------

> [Vendor of Product]

> > Artica Tech

---------------------------------------------------------------

> [Affected Product Code Base]

> > affected Versions: Artica Proxy VMWare Appliance

> > 4.30.000000 <={SP273] fixed Artica Proxy VMWare Appliance

> > 4.30.000000 >{SP273]

---------------------------------------------------------------

Directory Traversal vulnerability in Artica Proxy VMWare Appliance 4.30.000000 <=[SP273]. This \
vulnerability exists in the used cgi function, which is a built in part of the proxy. Directory \
traversal vulnerability in Arctica Proxy 4.30.000000 from SP206 to SP255, via the filename \
parameter to /cgi-bin/main.cgi.

Mit freundlichen Grüßen / Yours Sincerely

Heiko Feldhusen
ISOC Engineer
Engineering

Rheinmetall Cyber Solutions GmbH
Mary-Somerville-Str. 14 · 28359 Bremen · Germany
Tel. / Phone

+49 (0) 421 8070 1025<tel:+4942180701025>

Heiko.Feldhusen@rheinmetall-cyber.solutions<mailto:Heiko.Feldhusen@rheinmetall-cyber.solutions>
www.rheinmetall-cyber.solutions
Think before you print!

[cid:image001.png@01D853BE.3C0BFD60]

Rheinmetall Cyber Solutions GmbH
Mary-Somerville-Str. 14, 28359 Bremen, Germany  Sitz der Gesellschaft: Bremen
Amtsgericht Bremen HRB 35895
Geschäftsführung/Executive Board:
Moritz Pichler, Jendrik Kreisel
This email may contain confidential information. If you are not the intended addressee, or if \
the information provided in this email including any attachments) is evidently not destined for \
you, kindly inform us promptly and delete the message received in error (including any \
attachments) by erasing it from all your computers and other storage devices or media and \
destroying any hard copies thereof. Any unauthorized processing, forwarding, disclosure, \
distribution, divulgation, storage, printout or other use of this message or its attachment is \
prohibited. If your system is infected or otherwise bugged by any virus that is carried by this \
email, we disclaim any liability whatsoever for the ensuing loss or damage unless caused by our \
intention or gross negligence.

["image001.png" (image/png)]

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
--===============7845627980357952520==--

[prev in list] [next in list] [prev in thread] [next in thread] 