8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
54.4%
Using a carefully crafted request or malicious proxy, a user with UserWrite
permissions could create another user with higher privileges than their own due to insufficient checks on the allowed set of permissions. The event would be captured in the Event Log.
The issue has been fixed in 0.24.0 and 0.23.1.
For users who are unable to upgrade, we recommend auditing users who have UserWrite
permissions and regularly reviewing the Event Log for malicious activity.
Thank you to Michael Mazzolini (Ethical Hacker at WHO) for finding and disclosing this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/google/exposure-notifications-verification-server | lt | 0.23.0 |
github.com/advisories/GHSA-5v95-v8c8-3rh6
github.com/google/exposure-notifications-verification-server/commit/eb8cf40b12dbe79304f1133c06fb73419383cd95
github.com/google/exposure-notifications-verification-server/releases/tag/v0.23.1
github.com/google/exposure-notifications-verification-server/releases/tag/v0.24.0
github.com/google/exposure-notifications-verification-server/security/advisories/GHSA-5v95-v8c8-3rh6
nvd.nist.gov/vuln/detail/CVE-2021-22538
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
54.4%