CVE-2017-11319
Published 2017-12-11
Priority P261 · high · 8.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 5.56% (91.9th percentile)
Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| resolver | perspective | — | — |
Detection & IOCs (extracted from sources)
- Monitor for breakpoints or runtime tampering of the DataHandle class methods UserEntityPrivs, UserFieldPrivs, and UserReportPrivs inside Perspective.data.dll — these are the exact interception points used to escalate privileges.
- The privilege escalation occurs entirely client-side after authentication; the server performs no cross-validation of permission values set by the thick client, meaning server-side logs may show no anomaly during the attack.
- The exploit requires the attacker to already be an authenticated (but unprivileged) user; it is not an unauthenticated attack vector.
- One privilege action remains blocked even after exploitation: creating a new user account is not possible via this technique.
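CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |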
- http://packetstormsecurity.com/files/145230/Perspective-ICM-Investigation-And-Case-5.1.1.16-Privilege-Escalation.html
- https://www.exploit-db.com/exploits/43210/