CVE-2017-16961

{"id": "CVE-2017-16961", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-11-27T10:29:00.597", "references": [{"url": "https://github.com/bigtreecms/BigTree-CMS/issues/323", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. The attack uses an admin/trees/add/process request with a crafted _tags[] parameter that is mishandled in a later admin/ajax/dashboard/approve-change request."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n SQL en core/inc/auto-modules.php en BigTree CMS hasta la versi\u00f3n 4.2.19 permite que atacantes remotos autenticados obtengan informaci\u00f3n en el contexto del usuario empleado por la aplicaci\u00f3n para recuperar datos de la base de datos. El atacante emplea una petici\u00f3n admin/trees/add/process con un par\u00e1metro _tags[] manipulado que se gestiona de manera incorrecta en un petici\u00f3n admin/ajax/dashboard/approve-change posterior."}], "lastModified": "2017-12-07T18:41:40.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bigtreecms:bigtree_cms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AEF2D8C-985C-4948-8E75-382B335E7C4E", "versionEndIncluding": "4.2.19"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}