GitHub Advisory Database: GHSA-V642-MH27-8J6M
History: Oct 17, 2023 - 2:20 p.m.

MantisBT may disclose project names to unauthorized users

2023-10-17 14:20:36
CWE-200
CWE-668
Source: GitHub Advisory Database (github.com)
Tags: mantisbt, unauthorized access, project names, vulnerability, access-level checks, wiki, patches, version 2.25.8, workarounds, disable wiki integration

CVSS3: 4.3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS: 0.001 (Percentile: 21.1%)

Impact

Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private projects' names by accessing wiki.php with sequentially incremented IDs.
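An added detection example, not part of the advisory: a Python script that scans web-server access logs for a single client requesting wiki.php with sequentially incremented IDs, the pattern the Impact section describes. The log lines are constructed sample data, and the Apache-style combined log format and the `id` query parameter name are assumptions.

```python
import re
from collections import defaultdict

# Constructed Apache-style access-log lines (sample data, not taken from the
# advisory). The 'id' query parameter of wiki.php is an assumption.
SAMPLE_LOG = """\
203.0.113.5 - - [17/Oct/2023:14:00:01 +0000] "GET /mantisbt/wiki.php?id=1&type=project HTTP/1.1" 302 -
203.0.113.5 - - [17/Oct/2023:14:00:02 +0000] "GET /mantisbt/wiki.php?id=2&type=project HTTP/1.1" 302 -
203.0.113.5 - - [17/Oct/2023:14:00:03 +0000] "GET /mantisbt/wiki.php?id=3&type=project HTTP/1.1" 302 -
203.0.113.5 - - [17/Oct/2023:14:00:04 +0000] "GET /mantisbt/wiki.php?id=4&type=project HTTP/1.1" 302 -
203.0.113.5 - - [17/Oct/2023:14:00:05 +0000] "GET /mantisbt/wiki.php?id=5&type=project HTTP/1.1" 302 -
198.51.100.9 - - [17/Oct/2023:14:01:00 +0000] "GET /mantisbt/wiki.php?id=12&type=project HTTP/1.1" 302 -
198.51.100.9 - - [17/Oct/2023:14:05:00 +0000] "GET /mantisbt/view.php?id=77 HTTP/1.1" 200 -
"""

# Captures the client IP and the query string of any GET to wiki.php.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "GET [^"]*?/wiki\.php\?([^ "]*) HTTP')


def wiki_ids_per_client(log_text):
    """Map each client IP to the numeric wiki.php ids it requested, in order."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        params = dict(p.split("=", 1) for p in m.group(2).split("&") if "=" in p)
        if params.get("id", "").isdigit():
            hits[m.group(1)].append(int(params["id"]))
    return dict(hits)


def flag_enumeration(log_text, min_run=4):
    """Return {client_ip: longest_run} for clients whose wiki.php ids form a
    strictly +1 sequence of at least min_run requests (ID enumeration)."""
    flagged = {}
    for ip, ids in wiki_ids_per_client(log_text).items():
        run = best = 1
        for prev, cur in zip(ids, ids[1:]):
            run = run + 1 if cur == prev + 1 else 1
            best = max(best, run)
        if best >= min_run:
            flagged[ip] = best
    return flagged


if __name__ == "__main__":
    print(flag_enumeration(SAMPLE_LOG))  # {'203.0.113.5': 5}
```

A flagged client is a candidate for review against the MantisBT user session, not proof of abuse, since legitimate users rarely walk project IDs in order.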

Patches

Patch under development. The vulnerability will be fixed in MantisBT version 2.25.8.

Workarounds

Disable wiki integration ($g_wiki_enable = OFF;)

Affected configurations

Vendor: mantisbt, Product: mantisbt, Range: 2.25.7 (source: Vulners)
