CVE-2019-5615

Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49.

CVSS v3 6.5 MEDIUM
CVSS v2.0 3.5 LOW

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.5^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:N/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50	Vendor Advisory
https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:rapid7:insightvm:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:45

Type	Values Removed	Values Added
References	~~() https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50 - Vendor Advisory~~	() https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50 - Vendor Advisory

Information

Published : 2019-04-09 16:29

Updated : 2024-11-21 04:45

NVD link : CVE-2019-5615

Mitre link : CVE-2019-5615

CVE.ORG link : CVE-2019-5615

JSON object : View

Products Affected

rapid7

insightvm

CWE

CWE-257

Storing Passwords in a Recoverable Format

CWE-522

Insufficiently Protected Credentials

{"id": "CVE-2019-5615", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "cve@rapid7.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.6}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-04-09T16:29:02.177", "references": [{"url": "https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50", "tags": ["Vendor Advisory"], "source": "cve@rapid7.com"}, {"url": "https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve@rapid7.com", "description": [{"lang": "en", "value": "CWE-257"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49."}, {"lang": "es", "value": "Los usuarios con permisos Site-level pueden acceder a los archivos que contienen las contrase\u00f1as cifradas con el nombre de usuario de los Administradores Globales de la Consola de Seguridad y las contrase\u00f1as de texto sin cifrar para restaurar las copias de seguridad, as\u00ed como la sal para esas contrase\u00f1as. Se requieren credenciales v\u00e1lidas para acceder a estos archivos y los usuarios maliciosos a\u00fan tendr\u00edan que realizar un trabajo adicional para descifrar las credenciales y escalar los privilegios. Este problema afecta a: Rapid7 InsightVM versiones 6.5.11 hasta 6.5.49."}], "lastModified": "2024-11-21T04:45:14.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rapid7:insightvm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C0739ED-F462-4219-9EB8-3588857A8C9D", "versionEndIncluding": "6.5.49", "versionStartIncluding": "6.5.11"}], "operator": "OR"}]}], "sourceIdentifier": "cve@rapid7.com"}

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.5 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2019-5615

6.5^/10

3.5^/10

Attach tags to `CVE-2019-5615`