Vulnerability Name: | CVE-2010-1906 (CCN-58369) | ||||||||
Assigned: | 2010-04-16 | ||||||||
Published: | 2010-04-16 | ||||||||
Updated: | 2018-10-10 | ||||||||
Summary: | tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \\.\pipe\__RepairService_pipe__company named pipe, which allows remote authenticated users to execute arbitrary code by obtaining the current time from (1) tcpip.sys or (2) an SMB2 service. | ||||||||
CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-310 | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: MITRE Type: CNA CVE-2010-1906 Source: CCN Type: SA39752 Consona CRM Suite Repair Service Privilege Escalation Vulnerability Source: SECUNIA Type: Vendor Advisory 39752 Source: MISC Type: UNKNOWN http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.html Source: CCN Type: Consona CRM Inc. Security Bulletin For Consona Live Assistance Consona Dynamic Agent Consona Subscriber Assistance Source: CONFIRM Type: Patch, Vendor Advisory http://www.consona.com/Content/CRM/Support/SecurityBulletin_April2010.pdf Source: CCN Type: US-CERT VU#602801 Consona (formerly SupportSoft) Intelligent Assistance Suite (IAS) cross-site scripting, ActiveX, and Repair Service vulnerabilities Source: CERT-VN Type: Patch, US Government Resource VU#602801 Source: CCN Type: OSVDB ID: 64390 Consona CRM Suite Repair Service tgsrv.exe Predictable Timestamp Field Remote Privilege Escalation Source: BUGTRAQ Type: UNKNOWN 20100507 [Wintercore Research] Consona Products - Multiple vulnerabilities Source: CCN Type: BID-40010 Multiple Consona Products Unspecified Local Privilege Escalation Vulnerability Source: CCN Type: Congreso de Seguridad ~ Rooted CONÂ’2010 RELEASING A 0DAY AT ROOTEDCON The Case of Consona/SupportSoft Source: MISC Type: Exploit http://www.wintercore.com/downloads/rootedcon_0day.pdf Source: XF Type: UNKNOWN crmsuite-repairservice-privilege-escalation(58369) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |