Vulnerability Name:

CVE-2020-15366 (CCN-185626)

Assigned:2020-07-04
Published:2020-07-04
Updated:2022-12-02
Summary:An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)
CVSS v3 Severity:5.6 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
4.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
4.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
5.6 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
4.9 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-471
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-15366

Source: CCN
Type: Red Hat Bugzilla – Bug 1857977
(CVE-2020-15366) - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function

Source: XF
Type: UNKNOWN
ajv-cve202015366-code-exec(185626)

Source: CCN
Type: Ajv GIT Repository
Prototype Pollution in Ajv

Source: CCN
Type: Ajv GIT Repository
Ajv

Source: cve@mitre.org
Type: Release Notes, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Permissions Required
cve@mitre.org

Source: CCN
Type: SNYK-JS-AJV-584908
Prototype Pollution

Source: CCN
Type: IBM Security Bulletin 6453115 (Cloud Pak for Security)
Cloud Pak for Security contains security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6459685 (UrbanCode Velocity)
CVE-2020-15366 An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2.

Source: CCN
Type: IBM Security Bulletin 6566889 (Spectrum Discover)
Critical Vulnerabilities in libraries used by libraries that IBM Spectrum discover is using (libraries of libraries)

Source: CCN
Type: IBM Security Bulletin 6570965 (Db2 On Openshift)
Multiple Vulnerabilities affect IBM Db2 On Openshift and IBM Db2 and Db2 Warehouse on Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 6613009 (Cloud Pak System Software)
Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System

Source: CCN
Type: IBM Security Bulletin 6857863 (MobileFirst Platform Foundation)
Multiple vulnerabilities found on thirdparty libraries used by IBM MobileFirst Platform

Source: CCN
Type: IBM Security Bulletin 6967283 (QRadar User Behavior Analytics)
IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7009061 (Watson AI Gateway for Cloud Pak for Data)
Watson AI Gateway for Cloud Pak for Data is vulnerable to an Ajv (aka Another JSON Schema Validator) could allow a remote attacker to execute arbitrary code on the system (CVE-2020-15366)

Source: CCN
Type: Mend Vulnerability Database
CVE-2020-15366

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:ajv:ajv:6.12.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:mobilefirst_platform_foundation:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_user_behavior_analytics:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:3.5:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:4.0:-:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.redhat.rhsa:def:20210548
    P
    RHSA-2021:0548: nodejs:10 security update (Moderate)
    2021-02-16
    oval:com.redhat.rhsa:def:20210551
    P
    RHSA-2021:0551: nodejs:14 security and bug fix update (Moderate)
    2021-02-16
    oval:com.redhat.rhsa:def:20205499
    P
    RHSA-2020:5499: nodejs:12 security and bug fix update (Moderate)
    2020-12-15
    BACK
    ajv ajv 6.12.2
    ibm mobilefirst platform foundation 8.0.0
    ibm cloud pak for security 1.4.0.0
    ibm cloud pak for security 1.6.0.0
    ibm cloud pak for security 1.5.0.1
    ibm cloud pak for security 1.5.0.0
    ibm cloud pak for security 1.6.0.1
    ibm qradar user behavior analytics 1.0.0
    ibm db2 3.5 -
    ibm db2 4.0 -