id: CVE-2020-11450 info: name: MicroStrategy Web 10.4 - Information Disclosure author: tess severity: high description: | MicroStrategy Web 10.4 is susceptible to information disclosure. The JVM configuration, CPU architecture, installation folder, and other information are exposed through /MicroStrategyWS/happyaxis.jsp. An attacker can use this vulnerability to learn more about the application environment and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - http://packetstormsecurity.com/files/157068/MicroStrategy-Intelligence-Server-And-Web-10.4-XSS-Disclosure-SSRF-Code-Execution.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11450 - https://www.redtimmy.com/web-application-hacking/another-ssrf-another-rce-the-microstrategy-case/ - https://nvd.nist.gov/vuln/detail/cve-2020-11450 - http://seclists.org/fulldisclosure/2020/Apr/1 remediation: Mitigated in all versions 11.0 and higher. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-11450 epss-score: 0.31408 cpe: cpe:2.3:a:microstrategy:microstrategy_web:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: microstrategy product: microstrategy_web tags: packetstorm,seclists,microstrategy,exposure,jvm,config,cve,cve2020 http: - method: GET path: - '{{BaseURL}}/MicroStrategyWS/happyaxis.jsp' redirects: true max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - 'Axis2 Happiness Page' - 'Examining webapp configuration' - 'Essential Components' condition: and - type: status status: - 200