Lucene search

K
cve[email protected]CVE-2024-25148
HistoryFeb 08, 2024 - 4:15 a.m.

CVE-2024-25148

2024-02-0804:15:08
CWE-200
web.nvd.nist.gov
22
liferay portal
cve-2024-25148
information security
doasuserid
wysiwyg editor
user impersonation

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.4%

In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the doAsUserId URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user. This may allow remote authenticated users to impersonate a user after accessing the linked content.

Affected configurations

NVD
Node
liferaydxpMatch7.2-
OR
liferaydxpMatch7.2fix_pack_1
OR
liferaydxpMatch7.2fix_pack_10
OR
liferaydxpMatch7.2fix_pack_11
OR
liferaydxpMatch7.2fix_pack_12
OR
liferaydxpMatch7.2fix_pack_13
OR
liferaydxpMatch7.2fix_pack_14
OR
liferaydxpMatch7.2fix_pack_2
OR
liferaydxpMatch7.2fix_pack_3
OR
liferaydxpMatch7.2fix_pack_4
OR
liferaydxpMatch7.2fix_pack_5
OR
liferaydxpMatch7.2fix_pack_6
OR
liferaydxpMatch7.2fix_pack_7
OR
liferaydxpMatch7.2fix_pack_8
OR
liferaydxpMatch7.2fix_pack_9
OR
liferaydxpMatch7.3-
OR
liferaydxpMatch7.3sp1
OR
liferaydxpMatch7.3sp2
OR
liferayliferay_portalRange7.2.07.4.1

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Portal",
    "vendor": "Liferay",
    "versions": [
      {
        "lessThanOrEqual": "7.4.1",
        "status": "affected",
        "version": "7.2.0",
        "versionType": "maven"
      }
    ]
  },
  {
    "defaultStatus": "unknown",
    "product": "DXP",
    "vendor": "Liferay",
    "versions": [
      {
        "lessThanOrEqual": "7.3.10-dxp-2",
        "status": "affected",
        "version": "7.3.10",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "7.2.10-dxp-14",
        "status": "affected",
        "version": "7.2.10",
        "versionType": "maven"
      }
    ]
  }
]

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.4%

Related for CVE-2024-25148