GHSA-FRXG-HF44-Q765

Vulnerability from github – Published: 2022-04-22 20:39 – Updated: 2022-04-22 20:39
VLAI
Summary
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp
Details

Impact

Users of versions 9.8.5, 9.8.6, 9.9.0 and previously published prereleases of 10.0.0 who have used either one of the two RequireDisCatSharpDeveloperAttributes or the BaseDiscordClient.LibraryDeveloperTeam have potentially had their bot token sent to a web server not affiliated with Discord. This server is owned and operated by DisCatSharp's development team. The tokens were not logged, yet it is still advisable to reset the tokens of potentially affected bots.

Patches

9.9.1 has been released to patch the issue for the current stable release and the current 10.0.0 prereleases are also no longer affected.

Workarounds

Remove all uses of the two RequireDisCatSharpDeveloperAttributes and all direct calls to BaseDiscordClient.LibraryDeveloperTeam.

Details

The HttpClient responsible for sending requests to the Discord API was erroneously reused to send requests to our website when DisCatSharp's team members were to be fetched.

For more information

If you have any questions or comments about this advisory: * Join our Discord server * Email us at ottero@aitsys.dev

Severity
6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "DisCatSharp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.8.5"
            },
            {
              "fixed": "9.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24849"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-04-22T20:39:47Z",
    "nvd_published_at": "2022-04-14T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nUsers of versions 9.8.5, 9.8.6, 9.9.0 and previously published prereleases of 10.0.0 who have used either one of the two `RequireDisCatSharpDeveloperAttribute`s or the `BaseDiscordClient.LibraryDeveloperTeam` have potentially had their bot token sent to a web server not affiliated with Discord. This server is owned and operated by DisCatSharp\u0027s development team. The tokens were not logged, yet it is still advisable to reset the tokens of potentially affected bots.\n\n### Patches\n9.9.1 has been released to patch the issue for the current stable release and the current 10.0.0 prereleases are also no longer affected.\n\n### Workarounds\nRemove all uses of the two `RequireDisCatSharpDeveloperAttribute`s and all direct calls to `BaseDiscordClient.LibraryDeveloperTeam`.\n\n### Details\nThe `HttpClient` responsible for sending requests to the Discord API was erroneously reused to send requests to our website when DisCatSharp\u0027s team members were to be fetched.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Join our [Discord server](https://discord.gg/GGYSywkxwN)\n* Email us at [ottero@aitsys.dev](mailto:ottero@aitsys.dev)\n",
  "id": "GHSA-frxg-hf44-q765",
  "modified": "2022-04-22T20:39:47Z",
  "published": "2022-04-22T20:39:47Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Aiko-IT-Systems/DisCatSharp/security/advisories/GHSA-frxg-hf44-q765"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24849"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Aiko-IT-Systems/DisCatSharp"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.