Vulnerability-Lookup

GHSA-HH28-WC7C-M2R4

Vulnerability from github – Published: 2024-04-10 15:30 – Updated: 2024-04-10 15:30

Details

Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users' names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.

Severity

5.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-2731"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T14:15:07Z",
    "severity": "MODERATE"
  },
  "details": "Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users\u0027 names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.\n\n",
  "id": "GHSA-hh28-wc7c-m2r4",
  "modified": "2024-04-10T15:30:40Z",
  "published": "2024-04-10T15:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2731"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/4d72d300-92d6-4e3c-93d8-52fe47396ae0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-2731 (GCVE-0-2024-2731)

Vulnerability from cvelistv5 – Published: 2024-04-10 13:59 – Updated: 2024-08-01 19:25

Title

Improper Access Control Issues Lead to Sensitive Data Exposure in Mautic

Summary

Severity

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

NCSC.ch

References

1 reference

URL	Tags
https://huntr.com/bounties/4d72d300-92d6-4e3c-93d…	exploit

Impacted products

2 products

Vendor	Product	Version
Mautic	Mautic	Affected: 0 , ≤ 4.4.9 (semver)
acquia	mautic	Affected: 0 , ≤ 4.4.9 (custom) cpe:2.3:a:acquia:mautic:-:::::::*

Credits

ZHAW Information Security Research Group

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:acquia:mautic:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "mautic",
            "vendor": "acquia",
            "versions": [
              {
                "lessThanOrEqual": "4.4.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2731",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-03T15:34:06.551178Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-03T18:09:08.504Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:25:41.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://huntr.com/bounties/4d72d300-92d6-4e3c-93d8-52fe47396ae0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Mautic",
          "programFiles": [
            "https://github.com/mautic/mautic/blob/fcc9051a74c16c333aa37dc282669b0ba7a27b8b/app/bundles/LeadBundle/Form/Type/CompanyMergeType.php#L41",
            "https://github.com/mautic/mautic/blob/fcc9051a74c16c333aa37dc282669b0ba7a27b8b/app/bundles/LeadBundle/Controller/LeadController.php#L1923",
            "https://github.com/mautic/mautic/blob/fcc9051a74c16c333aa37dc282669b0ba7a27b8b/app/bundles/LeadBundle/Controller/LeadController.php#L278"
          ],
          "repo": "https://github.com/mautic/mautic",
          "vendor": "Mautic",
          "versions": [
            {
              "lessThanOrEqual": "4.4.9",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ZHAW Information Security Research Group"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eUsers with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users\u0027 names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users\u0027 names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T13:59:41.407Z",
        "orgId": "455daabc-a392-441d-aa46-37d35189897c",
        "shortName": "NCSC.ch"
      },
      "references": [
        {
          "tags": [
            "exploit"
          ],
          "url": "https://huntr.com/bounties/4d72d300-92d6-4e3c-93d8-52fe47396ae0"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Improper Access Control Issues Lead to Sensitive Data Exposure in Mautic",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
    "assignerShortName": "NCSC.ch",
    "cveId": "CVE-2024-2731",
    "datePublished": "2024-04-10T13:59:41.407Z",
    "dateReserved": "2024-03-20T13:04:47.309Z",
    "dateUpdated": "2024-08-01T19:25:41.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-HH28-WC7C-M2R4

CVE-2024-2731 (GCVE-0-2024-2731)

Tags

Sightings

Nomenclature