10

CVE-2017-12796

Exploit

EPSS 5.73%
Veröffentlicht 23.10.2017 04:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openmrs ≫ Openmrs Version < 2.6.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.73%	0.901

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

https://isears.github.io/jekyll/update/2017/10/21/openmrs-rce.html

Exploit

https://talk.openmrs.org/t/critical-security-advisory-2017-09-12/13291

Vendor Advisory

https://wiki.openmrs.org/display/RES/Release+Notes+2.6.1

Vendor Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2017-12796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-12796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-12796

EUVD