Details of VAR-202009-0229

ID

VAR-202009-0229

CVE

CVE-2020-13260

TITLE

RAD SecFlow-1v Cross-site Scripting Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-011433

DESCRIPTION

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys. This payload will execute each time a user opens an affected web page. This could be exploited in conjunction with CVE-2020-13259. RAD SecFlow-1v Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

Trust: 1.71

sources: NVD: CVE-2020-13260 // JVNDB: JVNDB-2020-011433 // VULMON: CVE-2020-13260

AFFECTED PRODUCTS

vendor:	rad	model:	secflow-1v	scope:	eq	version:	os-image_sf_0290_2.3.01.26	Trust: 1.0
vendor:	rad	model:	secflow-1v	scope:	eq	version:	-	Trust: 0.8
vendor:	rad	model:	secflow-1v	scope:	lte	version:	secflow-1v firmware 2020-05-21 until	Trust: 0.8

sources: JVNDB: JVNDB-2020-011433 // NVD: CVE-2020-13260

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-13260
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-13260
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202009-1077
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2020-13260
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-13260
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2020-13260
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.1
Trust: 1.0
NVD:	CVE-2020-13260
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2020-13260 // JVNDB: JVNDB-2020-011433 // CNNVD: CNNVD-202009-1077 // NVD: CVE-2020-13260

PROBLEMTYPE DATA

problemtype:	CWE-79	Trust: 1.0
problemtype:	CWE-434	Trust: 1.0
problemtype:	Cross-site scripting (CWE-79) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-011433 // NVD: CVE-2020-13260

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-1077

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-202009-1077

PATCH

title:	SecFlow-1v	url:	https://www.rad.com/products/secflow-1v-IIoT-Gateway#panels-ipe-paneid-143837	Trust: 0.8
title:	OpenVPN Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128780	Trust: 0.6
title:	CVE-2020-13259	url:	https://github.com/UrielYochpaz/CVE-2020-13259	Trust: 0.1
title:	CVE-POC	url:	https://github.com/0xT11/CVE-POC	Trust: 0.1
title:	PoC	url:	https://github.com/Jonathan-Elias/PoC	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/developer3000S/PoC-in-GitHub	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/hectorgie/PoC-in-GitHub	Trust: 0.1

sources: VULMON: CVE-2020-13260 // JVNDB: JVNDB-2020-011433 // CNNVD: CNNVD-202009-1077

EXTERNAL IDS

db:	EXPLOIT-DB	id:	48807	Trust: 2.5
db:	NVD	id:	CVE-2020-13260	Trust: 2.5
db:	CXSECURITY	id:	WLB-2020090063	Trust: 1.7
db:	JVNDB	id:	JVNDB-2020-011433	Trust: 0.8
db:	CNNVD	id:	CNNVD-202009-1077	Trust: 0.6
db:	VULMON	id:	CVE-2020-13260	Trust: 0.1

sources: VULMON: CVE-2020-13260 // JVNDB: JVNDB-2020-011433 // CNNVD: CNNVD-202009-1077 // NVD: CVE-2020-13260

REFERENCES

url:	https://www.exploit-db.com/exploits/48807	Trust: 2.5
url:	https://www.rad.com/products/secflow-1v-iiot-gateway#panels-ipe-paneid-143837	Trust: 1.7
url:	https://cxsecurity.com/issue/wlb-2020090063	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13260	Trust: 1.4
url:	https://cwe.mitre.org/data/definitions/79.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/434.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/urielyochpaz/cve-2020-13259	Trust: 0.1

sources: VULMON: CVE-2020-13260 // JVNDB: JVNDB-2020-011433 // CNNVD: CNNVD-202009-1077 // NVD: CVE-2020-13260

SOURCES

db:	VULMON	id:	CVE-2020-13260
db:	JVNDB	id:	JVNDB-2020-011433
db:	CNNVD	id:	CNNVD-202009-1077
db:	NVD	id:	CVE-2020-13260

LAST UPDATE DATE

2024-11-23T22:37:15.786000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2020-13260	date:	2021-07-21T00:00:00
db:	JVNDB	id:	JVNDB-2020-011433	date:	2021-04-02T05:20:00
db:	CNNVD	id:	CNNVD-202009-1077	date:	2020-09-25T00:00:00
db:	NVD	id:	CVE-2020-13260	date:	2024-11-21T05:00:53.807

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2020-13260	date:	2020-09-17T00:00:00
db:	JVNDB	id:	JVNDB-2020-011433	date:	2021-04-02T00:00:00
db:	CNNVD	id:	CNNVD-202009-1077	date:	2020-09-17T00:00:00
db:	NVD	id:	CVE-2020-13260	date:	2020-09-17T20:15:13.167