JVNDB-2020-000066

InfoCage SiteShell installs its files with improper access permissions

Overview

InfoCage SiteShell provided by NEC Corporation installs its files with improper access permissions (CWE-732).
In particular, the service executable files can be modified by members of the Everyone group.

NEC Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and NEC Corporation coordinated under the Information Security Early Warning Partnership.
CVSS Severity

CVSS V3 Severity:
Base Metrics 7.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
Affected Products

NEC Corporation
  • InfoCage Host type SiteShell for IIS V1.4
  • InfoCage Host type SiteShell for IIS V1.5
  • InfoCage Host type SiteShell for IIS V1.6
  • InfoCage Host type SiteShell for IIS prior to revision V2.0.0.6
  • InfoCage Host type SiteShell for IIS prior to revision V2.1.0.7
  • InfoCage Host type SiteShell for IIS prior to revision V2.1.1.6
  • InfoCage Host type SiteShell for IIS prior to revision V3.0.0.11
  • InfoCage Host type SiteShell for IIS prior to revision V4.0.0.6
  • InfoCage Host type SiteShell for IIS prior to revision V4.1.0.5
  • InfoCage Host type SiteShell for IIS prior to revision V4.2.0.1
  • InfoCage Host type SiteShell for Apache Windows V1.4
  • InfoCage Host type SiteShell for Apache Windows V1.5
  • InfoCage Host type SiteShell for Apache Windows V1.6
  • InfoCage Host type SiteShell for Apache Windows prior to revision V2.0.0.6
  • InfoCage Host type SiteShell for Apache Windows prior to revision V2.1.0.7
  • InfoCage Host type SiteShell for Apache Windows prior to revision V2.1.1.6
  • InfoCage Host type SiteShell for Apache Windows prior to revision V3.0.0.11
  • InfoCage Host type SiteShell for Apache Windows prior to revision V4.0.0.6
  • InfoCage Host type SiteShell for Apache Windows prior to revision V4.1.0.5
  • InfoCage Host type SiteShell for Apache Windows prior to revision V4.2.0.1

Impact

The service executable files may be modified by local users, resulting in arbitrary code execution with an elevated privilege.
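Because the weakness is a file ACL rather than a code bug, it can be audited before and after patching. The following is an added example (not NEC's code or part of this advisory) that scans the output of the Windows `icacls` command for service binaries whose ACL grants write, modify or full control to broad principals such as Everyone or BUILTIN\Users; the paths, the embedded sample output and the list of "broad" principals are constructed assumptions.

```python
import re

# Principals whose write access lets any local user replace a service binary, the
# CWE-732 condition this advisory describes. Compared case-insensitively (assumed list).
BROAD_PRINCIPALS = {"everyone", "users", "builtin\\users", "authenticated users",
                    "nt authority\\authenticated users", "nt authority\\interactive"}
# icacls simple rights (F, M, W) and specific rights that allow changing file contents.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "WA", "DC", "WDAC", "WO"}

# First line per file: "<path> <principal>:(flags)(rights)". The path is assumed to be a
# drive-letter path ending in a file extension, which service executables always have.
FIRST_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.*?\.[A-Za-z0-9]+)\s+(?P<ace>.+)$")
ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<perms>(?:\([^)]*\))+)$")

def parse_icacls(text):
    """Yield (path, principal, set of right/flag tokens) for every ACE in icacls output."""
    path = None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("Successfully processed"):
            continue
        ace = raw.strip()
        if not raw.startswith(" "):              # unindented line starts a new file
            m = FIRST_RE.match(raw)
            if not m:
                continue
            path, ace = m.group("path"), m.group("ace")
        m = ACE_RE.match(ace)
        if not m or path is None:
            continue
        tokens = set()
        for group in re.findall(r"\(([^)]*)\)", m.group("perms")):
            tokens.update(t.strip() for t in group.split(","))   # "(RX,W)" -> RX, W
        yield path, m.group("who"), tokens

def find_weak_aces(text):
    """Return [(path, principal, rights)] where a broad principal may modify the file.
    Deny ACEs are skipped; inherited ACEs (I) count, since a permissive parent directory
    is the usual way a vendor's service binary ends up writable by Everyone."""
    return [(path, who, rights) for path, who, rights in parse_icacls(text)
            if who.lower() in BROAD_PRINCIPALS and "DENY" not in rights
            and rights & WRITE_RIGHTS]

# Constructed sample of `icacls "C:\Program Files\Vendor\*.exe"` output (hypothetical paths).
SAMPLE_ICACLS = """\
C:\\Program Files\\Vendor\\svc_good.exe NT AUTHORITY\\SYSTEM:(I)(F)
                                      BUILTIN\\Administrators:(I)(F)
                                      BUILTIN\\Users:(I)(RX)
C:\\Program Files\\Vendor\\svc_bad.exe Everyone:(F)
                                     NT AUTHORITY\\SYSTEM:(I)(F)
                                     BUILTIN\\Users:(I)(RX,W)
Successfully processed 2 files; Failed processing 0 files
"""
```

Running `find_weak_aces(SAMPLE_ICACLS)` flags only svc_bad.exe (Everyone with F, and BUILTIN\Users with W); an empty result after the vendor patch is applied confirms the ACL fix took effect.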
Solution

[Apply the Patch]
Update the software to the appropriate revision according to the information provided by the developer.

The developer has released the following patches:

* V2.0.0.6
* V2.1.0.7
* V2.1.1.6
* V3.0.0.11
* V4.0.0.6
* V4.1.0.5
* V4.2.0.1

According to the developer, V1.4, V1.5 and V1.6 have reached End of Standard Support and no patches are available for them; users of those versions should upgrade to V2.0 or higher.
Vendor Information

NEC Corporation
CWE

  1. No Mapping (CWE-Other) [IPA Evaluation]
CVE

  1. CVE-2020-5632
References

  1. JVN : JVN#07426151
  2. National Vulnerability Database (NVD) : CVE-2020-5632
Revision History

  • [2020/09/30]
      Web page was published