Lucene search

K
cvelistDotCMSCVELIST:CVE-2024-3164
HistoryApr 01, 2024 - 9:27 p.m.

CVE-2024-3164

2024-04-0121:27:51
CWE-552
dotCMS
www.cve.org
dotcms
dashboard
unauthorized access

4.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is and always has been an Admin portlet, is accessible to anyone with that portlet and not just to CMS Admins. Users that get site admin but not a system admin, should not have access to the System Maintenance → Tools portlet. This would share database username and password under Log Files and download DB Dump and other dotCMS Content under Tools. Nothing in the System → Maintenance should be displayed for users with site admin role. Only system admins must have access to System Maintenance.

OWASP Top 10 - A01) Broken Access Control

OWASP Top 10 - A04) Insecure Design

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "dotCMS core",
    "vendor": "dotCMS",
    "versions": [
      {
        "status": "affected",
        "version": "22.02 and after"
      }
    ]
  }
]

4.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

Related for CVELIST:CVE-2024-3164