Incorrect permission assignment for critical resource in Rapid7 Metasploit



Published: 2019-11-06 | Updated: 2020-08-08
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-5642
CWE-ID CWE-732
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Metasploit
Client/Desktop applications / Other client software

Vendor Rapid7

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Incorrect permission assignment for critical resource

EUVDB-ID: #VU35112

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-5642

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from an instance of CWE-732, wherein the unique server.key is written to the file system during installation with world-readable permissions. This can allow other users of the same system where Metasploit Pro is installed to intercept otherwise private communications to the Metasploit Pro web interface.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Metasploit: 4.2.0 - 4.15.8

External links

http://help.rapid7.com/metasploit/release-notes/?rid=4.16.0-2019091001


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###