CVE-2018-1000839

{"id": "CVE-2018-1000839", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-12-20T15:29:01.813", "references": [{"url": "https://0dd.zone/2018/09/03/lh-ehr-RCE-via-picture-upload/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/LibreHealthIO/lh-ehr/issues/1223", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://0dd.zone/2018/09/03/lh-ehr-RCE-via-picture-upload/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/LibreHealthIO/lh-ehr/issues/1223", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type."}, {"lang": "es", "value": "LH-EHR, en su versi\u00f3n REL-2_0_0, contiene una vulnerabilidad de subida de archivos arbitrarios en la subida de la imagen de perfil que puede resultar en la ejecuci\u00f3n remota de c\u00f3digo. Este ataque parece ser explotable mediante la subida de un archivo PHP con un tipo de imagen MIME."}], "lastModified": "2024-11-21T03:40:28.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:librehealth:librehealth_ehr:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E9170AF-92DB-4B39-AC8F-73EB8CB496CC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}