Lucene search

K
attackerkbAttackerKBAKB:2A3F116D-DC02-4BEA-B9AD-39F7773274AE
HistoryJan 14, 2020 - 12:00 a.m.

CVE-2020-0646

2020-01-1400:00:00
attackerkb.com
22

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ‘.NET Framework Remote Code Execution Injection Vulnerability’.

Recent assessments:

zeroSteiner at March 20, 2020 1:31pm UTC reported:

The SharePoint WorkFlow component is affected by a vulnerability within .NET which can be abused to run arbitrary code when compiling XOML files. An authenticated user would need to issue an HTTP request with crafted XOML-formatted data (for which there are public examples). The vulnerability was patched for on-premises installations of SharePoint on January 2020.

A correct crafted XOML request will result in extra C# code being written to a temporary file on disk as part of the exploitation process. This is how an OS command is then executed.

Both patched and unpatched systems will return compiler error information in the XML response to the HTTP request. A patched system will have an error stating "Compilation failed. The type name: ... is not a valid language-independent type name.". Malformed requests will include relevant information in the compiler error text, which is usually a character escaping issue. For best results escape all characters that are non-alphanumeric as unicode like \u####.

Assessed Attacker Value: 4
Assessed Attacker Value: 4Assessed Attacker Value: 3

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

Related for AKB:2A3F116D-DC02-4BEA-B9AD-39F7773274AE