CVE-2021-39196 (GCVE-0-2021-39196)

Vulnerability from cvelistv5 – Published: 2021-09-07 18:55 – Updated: 2024-08-04 01:58
VLAI?
Title
Authenticated non-privileged user can request unfiltered data without adequate permissions in pcapture
Summary
pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater.
Severity ?
7.7 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE
  • CWE-287 - Improper Authentication
Assigner
References
Impacted products
Vendor Product Version
jdhwpgmbca pcapture Affected: < 3.12
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:58:18.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "pcapture",
          "vendor": "jdhwpgmbca",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-07T18:55:11.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"
        }
      ],
      "source": {
        "advisory": "GHSA-3r67-fxpr-p2qx",
        "discovery": "UNKNOWN"
      },
      "title": "Authenticated non-privileged user can request unfiltered data without adequate permissions in pcapture",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39196",
          "STATE": "PUBLIC",
          "TITLE": "Authenticated non-privileged user can request unfiltered data without adequate permissions in pcapture"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "pcapture",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "jdhwpgmbca"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287: Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx",
              "refsource": "CONFIRM",
              "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"
            },
            {
              "name": "https://github.com/jdhwpgmbca/pcapture/issues/7",
              "refsource": "MISC",
              "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"
            },
            {
              "name": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7",
              "refsource": "MISC",
              "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-3r67-fxpr-p2qx",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-39196",
    "datePublished": "2021-09-07T18:55:11.000Z",
    "dateReserved": "2021-08-16T00:00:00.000Z",
    "dateUpdated": "2024-08-04T01:58:18.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-39196",
      "date": "2026-04-27",
      "epss": "0.00281",
      "percentile": "0.51462"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-39196\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-09-07T19:15:08.677\",\"lastModified\":\"2024-11-21T06:18:51.793\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater.\"},{\"lang\":\"es\",\"value\":\"pcapture es una interfaz de servicio web dumpcap de c\u00f3digo abierto. En las versiones afectadas esta vulnerabilidad permite a un usuario autenticado pero sin privilegios usar la API REST para capturar y descargar paquetes sin filtro de captura y sin los permisos adecuados. Esto es importante porque los filtros de captura pueden limitar efectivamente el alcance de la informaci\u00f3n que un usuario puede visualizar en las capturas de datos. Si no se presenta ning\u00fan filtro, pueden capturarse y descargarse todos los datos del segmento de red local donde es ejecutado el programa. La versi\u00f3n 3.12 corrige este problema. No se presenta ninguna soluci\u00f3n, debe actualizar a versi\u00f3n v3.12 o superior\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:N/A:N\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pcapture_project:pcapture:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.12\",\"matchCriteriaId\":\"ABACB643-D644-4ABE-A953-6FD6AA8BF2BB\"}]}]}],\"references\":[{\"url\":\"https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jdhwpgmbca/pcapture/issues/7\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jdhwpgmbca/pcapture/issues/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.