Lucene search

GitHub Advisory DatabaseGHSA-9VWF-54M9-GC4F

HistoryDec 16, 2021 - 2:32 p.m.

snipe-it is vulnerable to Improper Access Control

2021-12-1614:32:39

CWE-284

CWE-862

GitHub Advisory Database

github.com

improper access control

version 5.3.4

regular users

model information

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

21.4%

JSON

snipe-it prior to version 5.3.4 is vulnerable to Improper Access Control. Regular users with DENY set to all models permissions can still view model information via the /models/{id}/clone endpoint due to no authorize(‘view’) permission being set.

Affected configurations

Vulners

Node

snipesnipe-itRange<5.3.4

VendorProductVersionCPE
snipesnipe-it*cpe:2.3:a:snipe:snipe-it:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
snipe	snipe-it	*	cpe:2.3:a:snipe:snipe-it::::::::

References

github.com/advisories/GHSA-9vwf-54m9-gc4f

github.com/snipe/snipe-it/commit/1699c09758e56f740437674a8d6ba36443399f24

huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862

nvd.nist.gov/vuln/detail/CVE-2021-4089

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

21.4%

JSON

Related for GHSA-9VWF-54M9-GC4F