CVE-2020-35720 - Vulnerability Details - OpenCVE

Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Quest	Policy Authority For Unified Communications

Configuration 1 [-]

cpe:2.3:a:quest:policy_authority_for_unified_communications:8.1.2.200:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications
https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-01-11T02:55:38

Updated: 2024-08-04T17:09:15.195Z

Reserved: 2020-12-27T00:00:00

Link: CVE-2020-35720

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-01-11T03:15:13.773

Modified: 2024-11-21T05:27:55.300

Link: CVE-2020-35720

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-15T21:07:54", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}, {"tags": ["x_refsource_MISC"], "url": "https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}], "tags": ["unsupported-when-assigned"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-35720", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** UNSUPPORTED WHEN ASSIGNED ** Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications", "refsource": "MISC", "url": "https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}, {"name": "https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications", "refsource": "MISC", "url": "https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:09:15.195Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-35720", "datePublished": "2021-01-11T02:55:38", "dateReserved": "2020-12-27T00:00:00", "dateUpdated": "2024-08-04T17:09:15.195Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:quest:policy_authority_for_unified_communications:8.1.2.200:*:*:*:*:*:*:*", "matchCriteriaId": "C4ADC1F4-3790-4182-B1BF-40D1CD51B785", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"}, {"lang": "es", "value": "** NO COMPATIBLE CUANDO SE ASIGN\u00d3 ** Una vulnerabilidad de tipo XSS almacenado en Quest Policy Authority versi\u00f3n 8.1.2.200, permite a atacantes remotos almacenar c\u00f3digo malicioso en varios campos (first name, last name, y logon name) al crear o modificar un usuario por medio del archivo submitUser.jsp. NOTA: Esta vulnerabilidad solo afecta a los productos que no son compatibles con el mantenedor"}], "id": "CVE-2020-35720", "lastModified": "2024-11-21T05:27:55.300", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-11T03:15:13.773", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}