FKIE_CVE-2020-8123
Vulnerability from fkie_nvd - Published: 2020-02-04 20:15 - Updated: 2024-11-21 05:38
Severity ?
Summary
A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application.
References
| URL | Tags | ||
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/768574 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/768574 | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:strapi:strapi:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "1F93DAB9-86B0-40CE-88C4-672827F2D653",
"versionEndExcluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha10.1:*:*:*:node.js:*:*",
"matchCriteriaId": "6EE852E3-ED80-456D-AF2D-63269A8B8754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha10.2:*:*:*:node.js:*:*",
"matchCriteriaId": "52194D3F-9994-4813-A075-580448159B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha10.3:*:*:*:node.js:*:*",
"matchCriteriaId": "46B62038-4FC8-4BC7-B0BB-224A3C2B1354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha11:*:*:*:node.js:*:*",
"matchCriteriaId": "636300D1-13DB-41BB-B0B7-FB9AB28B419C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha11.1:*:*:*:node.js:*:*",
"matchCriteriaId": "5713BCDA-1670-4D63-8896-1122A2B44376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha11.2:*:*:*:node.js:*:*",
"matchCriteriaId": "3B219527-7B2A-402B-B43A-13EC2B38DF8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha11.3:*:*:*:node.js:*:*",
"matchCriteriaId": "DB9E71EA-509F-4F45-9A06-BDD19DD8E3AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12:*:*:*:node.js:*:*",
"matchCriteriaId": "CEB20A91-A7DC-412C-BD3E-4E4A3DDFDA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.1:*:*:*:node.js:*:*",
"matchCriteriaId": "97B77C91-6F49-4DAD-A07B-C58154B10481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.1.3:*:*:*:node.js:*:*",
"matchCriteriaId": "220E4312-55CE-4C86-B99D-8913BB549130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.2:*:*:*:node.js:*:*",
"matchCriteriaId": "141D91D9-01B4-45C8-9BC5-E265BF16FBA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.3:*:*:*:node.js:*:*",
"matchCriteriaId": "056967E8-55F5-49AB-BDB4-D1910EADF083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.4:*:*:*:node.js:*:*",
"matchCriteriaId": "877A24E1-B9FA-41DF-9742-A37B20884C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.5:*:*:*:node.js:*:*",
"matchCriteriaId": "055293E3-CC94-4783-B988-E3A96588BA86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.6:*:*:*:node.js:*:*",
"matchCriteriaId": "B6EA5838-3722-4FDB-9212-C99BEB2001A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.7:*:*:*:node.js:*:*",
"matchCriteriaId": "C392DBF7-1497-4C16-B722-F3F0FC8FB16D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha12.7.1:*:*:*:node.js:*:*",
"matchCriteriaId": "BF643EAD-83B8-43A4-8B5F-C14DE36C4F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha13:*:*:*:node.js:*:*",
"matchCriteriaId": "47709AB6-C345-47CD-8B49-520EBC18DF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha13.0.1:*:*:*:node.js:*:*",
"matchCriteriaId": "B2B4E69E-1D02-4046-B733-3266F16C3533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha13.1:*:*:*:node.js:*:*",
"matchCriteriaId": "C7109F10-26A3-44E8-A210-00246FBDA354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14:*:*:*:node.js:*:*",
"matchCriteriaId": "687D384F-481F-4784-BCB7-9355B417E11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14.1:*:*:*:node.js:*:*",
"matchCriteriaId": "23FFEFA7-BBEC-41F8-B002-D91517121B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14.1.1:*:*:*:node.js:*:*",
"matchCriteriaId": "73C0F58F-943C-40B4-A7ED-8A059F935ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14.2:*:*:*:node.js:*:*",
"matchCriteriaId": "A0EE4A3E-AA4C-40A3-9E70-3F64195499A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14.3:*:*:*:node.js:*:*",
"matchCriteriaId": "3FBAEC7D-E572-468A-B044-B0A3F09AE5D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14.4.0:*:*:*:node.js:*:*",
"matchCriteriaId": "D9B013A5-736A-4C9C-84F1-DB2A2437C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha14.5:*:*:*:node.js:*:*",
"matchCriteriaId": "3DAFF093-2506-4BEC-8CC7-7C1FAAB74C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha15:*:*:*:node.js:*:*",
"matchCriteriaId": "6A7B2627-35C7-4F49-A64F-44360221AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha16:*:*:*:node.js:*:*",
"matchCriteriaId": "53D5A194-24A5-4048-B75A-4EDEED6F0F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha17:*:*:*:node.js:*:*",
"matchCriteriaId": "22FFD289-7568-469A-8B63-52D75682429F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha18:*:*:*:node.js:*:*",
"matchCriteriaId": "7E4D80A2-27C1-4CAE-9AB4-38D0003451D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha19:*:*:*:node.js:*:*",
"matchCriteriaId": "5C223C65-B9D2-4F4F-9979-BF1B9D9F5C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha20:*:*:*:node.js:*:*",
"matchCriteriaId": "F0114DCB-8D6C-41F2-B83C-7CAC30E39B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha21:*:*:*:node.js:*:*",
"matchCriteriaId": "ECF56323-AE13-4E1F-A95A-51B30024FD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha22:*:*:*:node.js:*:*",
"matchCriteriaId": "014C1011-56B2-4EF0-A13E-BBE33C3E986B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha23:*:*:*:node.js:*:*",
"matchCriteriaId": "5FF8D108-FF45-4698-BD18-DE62AE166D35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha23.1:*:*:*:node.js:*:*",
"matchCriteriaId": "D90F12B0-C768-4041-924A-74D22184B135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha24:*:*:*:node.js:*:*",
"matchCriteriaId": "0DB5369B-8F9B-4A48-8648-7DE9D0368FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha24.1:*:*:*:node.js:*:*",
"matchCriteriaId": "A6DCB0A7-EC8B-47E5-8285-4B0917EBF6F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha25:*:*:*:node.js:*:*",
"matchCriteriaId": "0862892A-08CE-4E47-AC99-89546A183516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha25.1:*:*:*:node.js:*:*",
"matchCriteriaId": "4368EC48-1BB9-42F5-BFE7-6120400559FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha25.2:*:*:*:node.js:*:*",
"matchCriteriaId": "15ADF3FB-048E-4D80-82C6-FDC0DE9AB020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha26:*:*:*:node.js:*:*",
"matchCriteriaId": "1D7D2FEF-F0A6-4E40-B6E4-B6CE5794734C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha26.1:*:*:*:node.js:*:*",
"matchCriteriaId": "6EEE30CD-7CA8-4731-8BDE-43BF38E10263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha26.2:*:*:*:node.js:*:*",
"matchCriteriaId": "EE170523-786E-4124-B419-40E6663B6B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha4:*:*:*:node.js:*:*",
"matchCriteriaId": "CE7A2876-6BF5-41F5-91AF-B4BCEB83D5ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha4.8:*:*:*:node.js:*:*",
"matchCriteriaId": "E247B538-E23D-4BA2-96F7-0A2457242570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha5.3:*:*:*:node.js:*:*",
"matchCriteriaId": "E90AB495-C345-485A-B760-85D12CF939D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha5.5:*:*:*:node.js:*:*",
"matchCriteriaId": "6DEDCCC3-711B-417D-9B8D-E2C6699EB7D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha6.3:*:*:*:node.js:*:*",
"matchCriteriaId": "52A4747F-A304-43A3-B9F3-F58163021A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha6.4:*:*:*:node.js:*:*",
"matchCriteriaId": "2D0C3905-B951-46CB-8345-7396479CA370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha6.7:*:*:*:node.js:*:*",
"matchCriteriaId": "259A9640-27B8-4C69-8F3B-F5A0E756E7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha7.2:*:*:*:node.js:*:*",
"matchCriteriaId": "87812E56-5089-4A37-AE95-8852B1E11CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha7.3:*:*:*:node.js:*:*",
"matchCriteriaId": "CD232170-E4C1-40EA-8F1D-51DEA718C7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha8:*:*:*:node.js:*:*",
"matchCriteriaId": "84DA64DC-32E8-4694-B357-CD3C1A06D730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha8.3:*:*:*:node.js:*:*",
"matchCriteriaId": "7C758690-3D96-46DF-91FA-4387F6F68C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha9:*:*:*:node.js:*:*",
"matchCriteriaId": "614335CB-D527-4117-B87E-D0B5632C0F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha9.1:*:*:*:node.js:*:*",
"matchCriteriaId": "F84F8BD7-E720-42E5-A544-1EC8E6B6ED9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:alpha9.2:*:*:*:node.js:*:*",
"matchCriteriaId": "23FE6911-44E6-4F87-9288-ABD5BA63FB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta0:*:*:*:node.js:*:*",
"matchCriteriaId": "84F5D639-E63B-4215-B547-084A087D0B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta1:*:*:*:node.js:*:*",
"matchCriteriaId": "1DDF3F85-932A-49FF-9B7C-13CC46A9C6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta10:*:*:*:node.js:*:*",
"matchCriteriaId": "EF272A2E-ABC1-46BF-B4AE-6C121FD28B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta11:*:*:*:node.js:*:*",
"matchCriteriaId": "9BA52F67-08A1-455B-8E18-A28FD3866DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta12:*:*:*:node.js:*:*",
"matchCriteriaId": "7889A151-A720-47CF-9547-DE6F310F86C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta13:*:*:*:node.js:*:*",
"matchCriteriaId": "7C7FB74A-4D7A-4D39-AA24-9BD0DAC65B57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta14:*:*:*:node.js:*:*",
"matchCriteriaId": "8A4FBB0A-EC18-4740-9D6D-7775BC1096DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta15:*:*:*:node.js:*:*",
"matchCriteriaId": "3FE2224D-DAE2-468F-A439-9B1737C42508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16:*:*:*:node.js:*:*",
"matchCriteriaId": "990EBBC0-7AD2-4FE0-BFA5-3167706E3665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.1:*:*:*:node.js:*:*",
"matchCriteriaId": "2544E58C-1795-4630-AFE5-B9315B809629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.2:*:*:*:node.js:*:*",
"matchCriteriaId": "2B277331-0255-4B17-9835-02CF2A5AEEA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.3:*:*:*:node.js:*:*",
"matchCriteriaId": "BD3D2147-F5F5-44CA-B0CE-64192361CE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.4:*:*:*:node.js:*:*",
"matchCriteriaId": "2B0A8BAB-62B1-4B5C-B251-1E8E801966F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.5:*:*:*:node.js:*:*",
"matchCriteriaId": "70DF82AF-24A9-4653-B8E5-C10A8E16220A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.6:*:*:*:node.js:*:*",
"matchCriteriaId": "F2A26B8D-4B62-440C-87D6-1BA6E969FD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.7:*:*:*:node.js:*:*",
"matchCriteriaId": "7B855E3A-53D8-4625-B5CA-D81825535FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta16.8:*:*:*:node.js:*:*",
"matchCriteriaId": "0CA4FFF0-186D-46D0-BC4D-1B76DC540CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17:*:*:*:node.js:*:*",
"matchCriteriaId": "73AD45A2-08E2-4C26-AD49-1EDD02461E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.1:*:*:*:node.js:*:*",
"matchCriteriaId": "79B53AC7-4498-4782-A548-6708DDCF4412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.2:*:*:*:node.js:*:*",
"matchCriteriaId": "B00A40E6-E0CA-4BCA-9413-4DF81E9B2460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.3:*:*:*:node.js:*:*",
"matchCriteriaId": "CE36857B-E5BC-4649-8EB0-371E24D98820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.4:*:*:*:node.js:*:*",
"matchCriteriaId": "7A8E39F9-D4A1-441D-B199-C96A7B3AFAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.5:*:*:*:node.js:*:*",
"matchCriteriaId": "60A5BEEA-B302-41E3-8830-8CAC6E4A5BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.6:*:*:*:node.js:*:*",
"matchCriteriaId": "08274A0A-1AAF-4530-85F9-A7C3C1D5AB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.7:*:*:*:node.js:*:*",
"matchCriteriaId": "C2AC24A7-85C4-4051-818B-981EEB27C857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta17.8:*:*:*:node.js:*:*",
"matchCriteriaId": "AD070CAC-D2BF-4A4F-AA22-E102D5D29617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta18:*:*:*:node.js:*:*",
"matchCriteriaId": "AA2A5AB0-6C85-4410-A324-D45A03754B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta18.1:*:*:*:node.js:*:*",
"matchCriteriaId": "9BD23F83-75CD-43DB-9BC4-B000D1D1A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta18.2:*:*:*:node.js:*:*",
"matchCriteriaId": "2B7FB954-2B7D-421F-8B5E-A1D1994E7D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta18.3:*:*:*:node.js:*:*",
"matchCriteriaId": "CA1123EB-AA28-455F-B789-D62641173257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta2:*:*:*:node.js:*:*",
"matchCriteriaId": "B7F61FE0-BF4E-41CA-8DA8-7FAB39E5EDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta3:*:*:*:node.js:*:*",
"matchCriteriaId": "80AABA42-61B8-4D2E-9C46-025B38764B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta4:*:*:*:node.js:*:*",
"matchCriteriaId": "BAEB954A-5D4E-4A86-BBD5-6AD9C9F2CFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta5:*:*:*:node.js:*:*",
"matchCriteriaId": "0D41E588-6C0A-4F6F-ADBF-C06AB9CB5475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta6:*:*:*:node.js:*:*",
"matchCriteriaId": "5ACFCD43-A822-4035-BC1C-20831DF03B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta7:*:*:*:node.js:*:*",
"matchCriteriaId": "C5D0A9A1-FCD3-41A3-BD1B-7CB6AA922939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta8:*:*:*:node.js:*:*",
"matchCriteriaId": "49C15CB6-F0A3-46C9-9D49-53C734D47FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strapi:strapi:3.0.0:beta9:*:*:*:node.js:*:*",
"matchCriteriaId": "18B032DD-34E7-45DF-8342-9C03EA349C24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application."
},
{
"lang": "es",
"value": "Se presenta una denegaci\u00f3n de servicio en strapi versiones v3.0.0-beta.18.3 y anteriores, que puede ser abusada en la consola de administraci\u00f3n utilizando los derechos de administrador, lo que puede conllevar a un reinicio arbitrario de la aplicaci\u00f3n."
}
],
"id": "CVE-2020-8123",
"lastModified": "2024-11-21T05:38:20.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-04T20:15:14.447",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/768574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/768574"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…