Vulnerability Description
An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf parameter. By default, the web interface is on port 5054, and does not require authentication. NOTE: the vendor has stated "We do not consider this a vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Reprisesoftware | Reprise License Manager | < 16.1 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2021/Dec/18Third Party Advisory
- https://bittherapy.net/rce-with-arbitrary-file-write-and-xss-in-reprise-license-ExploitThird Party Advisory
- http://seclists.org/fulldisclosure/2021/Dec/18Third Party Advisory
- https://bittherapy.net/rce-with-arbitrary-file-write-and-xss-in-reprise-license-ExploitThird Party Advisory
FAQ
What is CVE-2018-15573?
CVE-2018-15573 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /gofo...
How severe is CVE-2018-15573?
CVE-2018-15573 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-15573?
Check the references section above for vendor advisories and patch information. Affected products include: Reprisesoftware Reprise License Manager.