Lucene search

GitHub_MCVELIST:CVE-2024-46987

HistorySep 18, 2024 - 5:15 p.m.

CVE-2024-46987 Arbitrary path traversal in Camaleon CMS

2024-09-1817:15:45

CWE-22

CWE-200

GitHub_M

www.cve.org

cve-2024-46987

camaleon cms

path traversal

file download

information disclosure

version 2.8.2

upgrade

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS

0.001

Percentile

24.9%

JSON

Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController’s download_private_file method allows authenticated users to download any file on the web server Camaleon CMS is running on (depending on the file permissions). This issue may lead to Information Disclosure. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CNA Affected

[
  {
    "vendor": "owen2345",
    "product": "camaleon-cms",
    "versions": [
      {
        "version": "< 2.8.2",
        "status": "affected"
      }
    ]
  }
]

References

codeql.github.com/codeql-query-help/ruby/rb-path-injection

github.com/owen2345/camaleon-cms/security/advisories/GHSA-cp65-5m9r-vc2c

owasp.org/www-community/attacks/Path_Traversal

www.reddit.com/r/rails/comments/1exwtdm/camaleon_cms_281_has_been_released

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS

0.001

Percentile

24.9%

JSON

Related for CVELIST:CVE-2024-46987