CVE-2020-35580 Information

Description

A local file inclusion vulnerability in the FileServlet in all SearchBlox versions before 9.2.2 allows remote unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g. searchblox/WEB-INF/config.xml), which contains both the Super Admin's API key and the base64-encoded SHA1 password hashes of other SearchBlox users.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://developer.searchblox.com/docs/getting-started-with-searchblox

https://hateshape.github.io/general/2021/05/11/CVE-2020-35580.html

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

7.5

Base Severity

HIGH
