Insightappsec
CVE-2019-5631
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.
AnalysisAI
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-427. The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM).06.24 and prior versions of the product. Affected products include: Rapid7 Insightappsec. Version information: version 2019.06.24.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Insightappsec
View allAn authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jin
An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perfo
An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided tho
Same weakness CWE-427 – Uncontrolled Search Path Element
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today