ID

VAR-202010-0448


CVE

CVE-2020-24990


TITLE

QSC Q-SYS Core Manager Traversal Vulnerability in Japan

Trust: 0.8

sources: JVNDB: JVNDB-2020-013273

DESCRIPTION

An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version. QSC Q-SYS is a signal-processing device from QSC Corporation of the United States. The device is used in audio information processing and information exchange, and can be used in conferences, classrooms, lecture halls and other multi-person conference scenarios. Attackers can use this vulnerability to traverse TFTP-related directories.

Trust: 2.34

sources: NVD: CVE-2020-24990 // JVNDB: JVNDB-2020-013273 // CNVD: CNVD-2020-59737 // VULMON: CVE-2020-24990 // PACKETSTORM: 159699

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-59737

AFFECTED PRODUCTS

vendor: qsc, model: q-sys core manager, scope: eq, version: 8.2.1

Trust: 2.4

vendor: qsc, model: q-sys core manager, scope: eq, version: -

Trust: 0.8

sources: CNVD: CNVD-2020-59737 // JVNDB: JVNDB-2020-013273 // NVD: CVE-2020-24990

CVSS

SEVERITY

nvd@nist.gov: CVE-2020-24990
value: HIGH

Trust: 1.0

NVD: CVE-2020-24990
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-59737
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202010-1421
value: HIGH

Trust: 0.6

CVSSV2

nvd@nist.gov: CVE-2020-24990
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-59737
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3

nvd@nist.gov: CVE-2020-24990
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-24990
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-59737 // JVNDB: JVNDB-2020-013273 // CNNVD: CNNVD-202010-1421 // NVD: CVE-2020-24990

PROBLEMTYPE DATA

problemtype: CWE-22

Trust: 1.0

problemtype: Path traversal (CWE-22) [NVD Evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2020-013273 // NVD: CVE-2020-24990

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-1421

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202010-1421

PATCH

title: Q-SYS Core Manager, url: https://q-syshelp.qsc.com/Content/Core_Manager/CoreManager_Overview.htm

Trust: 0.8

sources: JVNDB: JVNDB-2020-013273

EXTERNAL IDS

db: NVD, id: CVE-2020-24990

Trust: 3.2

db: PACKETSTORM, id: 159699

Trust: 2.4

db: JVNDB, id: JVNDB-2020-013273

Trust: 0.8

db: CNVD, id: CNVD-2020-59737

Trust: 0.6

db: CNNVD, id: CNNVD-202010-1421

Trust: 0.6

db: VULMON, id: CVE-2020-24990

Trust: 0.1

sources: CNVD: CNVD-2020-59737 // VULMON: CVE-2020-24990 // JVNDB: JVNDB-2020-013273 // PACKETSTORM: 159699 // CNNVD: CNNVD-202010-1421 // NVD: CVE-2020-24990

REFERENCES

url: http://packetstormsecurity.com/files/159699/qsc-q-sys-core-manager-8.2.1-directory-traversal.html

Trust: 2.9

url: http://seclists.org/fulldisclosure/2020/oct/30

Trust: 2.5

url: https://q-syshelp.qsc.com/content/core_manager/coremanager_overview.htm

Trust: 1.8

url: https://nvd.nist.gov/vuln/detail/cve-2020-24990

Trust: 1.5

url: https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2020-59737 // VULMON: CVE-2020-24990 // JVNDB: JVNDB-2020-013273 // PACKETSTORM: 159699 // CNNVD: CNNVD-202010-1421 // NVD: CVE-2020-24990

CREDITS

Kevin Randall

Trust: 0.7

sources: PACKETSTORM: 159699 // CNNVD: CNNVD-202010-1421

SOURCES

db: CNVD, id: CNVD-2020-59737
db: VULMON, id: CVE-2020-24990
db: JVNDB, id: JVNDB-2020-013273
db: PACKETSTORM, id: 159699
db: CNNVD, id: CNNVD-202010-1421
db: NVD, id: CVE-2020-24990

LAST UPDATE DATE

2024-11-23T22:05:25.693000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2020-59737, date: 2020-10-31T00:00:00
db: VULMON, id: CVE-2020-24990, date: 2020-11-17T00:00:00
db: JVNDB, id: JVNDB-2020-013273, date: 2021-06-23T03:28:00
db: CNNVD, id: CNNVD-202010-1421, date: 2020-11-24T00:00:00
db: NVD, id: CVE-2020-24990, date: 2024-11-21T05:16:23.833

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2020-59737, date: 2020-10-31T00:00:00
db: VULMON, id: CVE-2020-24990, date: 2020-10-28T00:00:00
db: JVNDB, id: JVNDB-2020-013273, date: 2021-06-23T00:00:00
db: PACKETSTORM, id: 159699, date: 2020-10-26T16:29:26
db: CNNVD, id: CNNVD-202010-1421, date: 2020-10-26T00:00:00
db: NVD, id: CVE-2020-24990, date: 2020-10-28T19:15:13.620