Tibbo AggreGate up to 5.30.05 Server Service ag_server_service.exe code injection
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
A vulnerability was found in Tibbo AggreGate up to 5.30.05. It has been rated as problematic. This issue affects an unknown function of the file ag_server_service.exe of the component Server Service. The manipulation with an unknown input leads to a code injection vulnerability. Using CWE to declare the problem leads to CWE-94. The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class.
The weakness was shared 11/21/2015 by Andrea Micalizzi (rgod) (Website). The advisory is shared at ics-cert.us-cert.gov. The identification of this vulnerability is CVE-2015-7913 since 10/22/2015. An attack has to be approached locally. No form of authentication is needed for a successful exploitation. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1059 for this issue.
The commercial vulnerability scanner Qualys is able to test this issue with plugin 124279 (Tibbo AggreGate Platform Multiple Vulnerabilities).
Upgrading to version 5.30.06 eliminates this vulnerability.
The entry 79288 is related to this item.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.7
VulDB Base Score: 5.9
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Code injectionCWE: CWE-94 / CWE-74 / CWE-707
ATT&CK: T1059
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: AggreGate 5.30.06
Timeline
10/22/2015 🔍11/19/2015 🔍
11/19/2015 🔍
11/21/2015 🔍
11/21/2015 🔍
11/23/2015 🔍
12/28/2015 🔍
06/19/2018 🔍
Sources
Advisory: ics-cert.us-cert.govResearcher: Andrea Micalizzi (rgod)
Status: Not defined
CVE: CVE-2015-7913 (🔍)
Vulnerability Center: 55401 - Tibbo AggreGate before 5.30.06 Local Code Execution via the Apache Axis AdminService Deployment Method, High
SecurityFocus: 77658 - AggreGate Platform Multiple Arbitrary File Upload Vulnerabilities
See also: 🔍
Entry
Created: 11/23/2015 10:37Updated: 06/19/2018 21:09
Changes: 11/23/2015 10:37 (54), 06/19/2018 21:09 (10)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.