Path traversal in Lussumo Vanilla
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2019-9889 |
| CWE-ID | CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Vanilla Other software / Other software solutions |
| Vendor | Lussumo |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Path traversal
EUVDB-ID: #VU31142
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-9889
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can leverage this vulnerability to execute code under the context of the web server.
MitigationInstall update from vendor's website.
Vulnerable software versionsVanilla: 2.6.1 - 2.6.3
CPE2.3- cpe:2.3:a:lussumo:vanilla:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:lussumo:vanilla:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:lussumo:vanilla:2.6.3:*:*:*:*:*:*:*
http://github.com/vanilla/vanilla/compare/b043ae8...9f12b22
http://github.com/vanilla/vanilla/pull/7840
http://hackerone.com/reports/411140
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
