Lucene search

[email protected]CVE-2019-9768

HistoryMar 14, 2019 - 9:29 a.m.

CVE-2019-9768

2019-03-1409:29:00

CWE-264

[email protected]

web.nvd.nist.gov

thinkst canarytokens

cve-2019-9768

word document

metadata

timestamp

security vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.14 Low

EPSS

Percentile

95.6%

JSON

Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.

CPENameOperatorVersion
thinkst:canarytokensthinkst canarytokensle2019-03-01

CPE	Name	Operator	Version
thinkst:canarytokens	thinkst canarytokens	le	2019-03-01

References

packetstormsecurity.com/files/152182/Canarytokens-2019-03-01-Detection-Bypass.html

github.com/thinkst/canarytokens/issues/35

www.exploit-db.com/exploits/46589/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.14 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2019-9768

packetstorm1 zdt1 prion1