Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2020-13151

Date: August 5, 2020

Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.

Language: C

Severity Score

Related Resources (8)

https://b4ny4n.github.io/network-pentest/2020/08/01/cve-2020-13151-poc-aerospike.html
https://nvd.nist.gov/vuln/detail/CVE-2020-13151
https://www.aerospike.com/docs/operations/configure/security/access-control/index.html#create-users-and-assign-roles
http://packetstormsecurity.com/files/160451/Aerospike-Database-UDF-Lua-Code-Execution.html
https://www.aerospike.com/enterprise/download/server/notes.html#5.1.0.3
https://www.aerospike.com/download/server/notes.html#5.1.0.3
http://packetstormsecurity.com/files/160106/Aerospike-Database-5.1.0.3-Remote-Command-Execution.html
https://www.mend.io/vulnerability-database/CVE-2020-13151

Severity Score

Weakness Type (CWE)

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-78

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us