CVE-2018-8820

{"id": "CVE-2018-8820", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2018-03-28T20:29:00.333", "references": [{"url": "http://seclists.org/fulldisclosure/2018/Mar/57", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the \"match\" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials."}, {"lang": "es", "value": "Se ha descubierto un problema en Square 9 GlobalForms 6.2.x. Una vulnerabilidad de inyecci\u00f3n SQL basada en tiempo en el par\u00e1metro \"match\" permite que atacantes remotos autenticados ejecuten comandos SQL arbitrarios. Es posible actualizar el acceso para comprometer por completo el servidor mediante xp_cmdshell. En algunos casos, el requisito de autenticaci\u00f3n para el ataque puede cumplirse mediante el env\u00edo de las credenciales de administrador por defecto."}], "lastModified": "2018-04-23T13:03:57.053", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:square-9:globalforms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3982B657-002F-4C8F-A1EB-2AAE14C142A6", "versionEndIncluding": "6.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}