Vulnerability fixed in Rapid7 Nexpose security scanner after discovery by Positive Technologies expert

Positive Technologies expert Mikhail Klyuchnikov has identified a vulnerability in Rapid7's Nexpose tool which attackers can exploit to escalate low system privileges to obtain unauthorized access to resources and data. The vulnerability is present in Security Console versions 6.6.48 and earlier versions of the product.

Nexpose is a vulnerability management tool for companies to quickly identify gaps in their infrastructure protection.

Vulnerability CVE-2020-7383 enables attackers to perform a SQL injection technique, which they can use to access certain data stored in a database. This data may include information on detected vulnerabilities, past scans, and policies. An attacker could also perform SQL injection as part of denial of service (DoS) attacks on the database to disrupt the normal functioning of the web interface.

Mikhail Klyuchnikov researcher at Positive Technologies said: "This vulnerability enables a logged-in attacker to access and modify certain database records, as well as add new ones. Only a low level of system privileges is necessary to exploit this vulnerability and obtain access to data that should not be visible to a user with that level of privileges."

The vulnerability has received a score of 6.5, indicating a moderate degree of severity. The developer of Nexpose, Rapid7, has released updates fixing the issue.