CVE-2019-11029 Information

Description

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This includes SAM-database backups Web.config files etc. and might cause a serious impact on confidentiality.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.kyberturvallisuuskeskus.fi/en/vulnerabilities-mirasys-vms-video-management-solution

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5