GitHub Advisory Database: GHSA-XH35-W7WG-95V3
History: Jan 08, 2024 - 4:25 p.m.

XWiki has no right protection on rollback action

Published: 2024-01-08 16:25:58
CWE: CWE-274 (Improper Handling of Insufficient Privileges)
Source: GitHub Advisory Database (github.com)
Tags: xwiki, rollback action, vulnerability, patched, security, jira, commit, version, rights protection

CVSS3: 8.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 7 (Confidence: High)
EPSS: 0.001 (Percentile: 27.1%)

Impact

The rollback action performs no right check before restoring an earlier revision. Because a page's rights objects are part of its history, a user who can reach the action can roll a page back to a revision in which they held rights that have since been removed, and so regain them.
This vulnerability affects every version of XWiki since the rollback action was introduced.

Patches

The problem has been patched in XWiki 14.10.16, 15.5.3 and 15.8-rc-1 by ensuring that the rights are checked before performing the rollback.

Workarounds

There is no workaround for this vulnerability other than deleting old versions of documents that would let users regain rights; in particular, review the history of pages carrying rights objects (for example WebPreferences pages) for revisions whose grants are broader than the current ones.
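To make the impact and the workaround concrete, here is an added example (not XWiki's own code) that models a page whose revisions carry rights objects: an unchecked rollback that restores an old revision exactly as the advisory describes, a rights-checked rollback of the kind the patch introduces, and a history audit that lists the revisions an administrator would delete under the workaround. The document, users and grants are constructed for the example, and the specific rule the checked version enforces (edit right on the current revision, admin right when the restored revision changes rights objects) is an assumption about the shape of the fix, not a quote of the patched code.

```python
"""Model of the XWiki rollback issue: an unchecked rollback beside a
rights-checked one, plus a history audit for the workaround.
All data is constructed for the example; this is not XWiki's own code."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List


@dataclass(frozen=True)
class Version:
    number: str                        # XWiki-style "major.minor", e.g. "2.1"
    content: str
    grants: Dict[str, FrozenSet[str]]  # rights objects: user -> rights granted


@dataclass
class Document:
    name: str
    history: List[Version]

    @property
    def current(self) -> Version:
        return self.history[-1]

    def version(self, number: str) -> Version:
        for v in self.history:
            if v.number == number:
                return v
        raise KeyError(f"{self.name} has no version {number}")

    def next_number(self) -> str:
        major = int(self.current.number.split(".")[0])
        return f"{major + 1}.1"


class AccessDenied(Exception):
    """Raised when a user lacks the right a rollback requires."""


def effective_rights(doc: Document, user: str) -> FrozenSet[str]:
    """Rights `user` holds on `doc` as it currently stands (latest version)."""
    return doc.current.grants.get(user, frozenset())


def rollback_unchecked(doc: Document, user: str, to_version: str) -> Version:
    """Pre-patch behaviour: copy an old version's content and rights objects
    into a new version without consulting the caller's rights at all."""
    target = doc.version(to_version)
    restored = Version(doc.next_number(), target.content, target.grants)
    doc.history.append(restored)
    return restored


def rollback_checked(doc: Document, user: str, to_version: str) -> Version:
    """Rollback with a right check performed before anything is written.

    Assumed rule for this model (not the patch's literal code): the caller
    needs 'edit' on the current version, and restoring a version whose
    rights objects differ from the current ones additionally needs 'admin'.
    """
    rights = effective_rights(doc, user)
    if not rights & {"edit", "admin"}:
        raise AccessDenied(f"{user} may not edit {doc.name}")
    target = doc.version(to_version)
    if target.grants != doc.current.grants and "admin" not in rights:
        raise AccessDenied(f"{user} may not restore rights objects on {doc.name}")
    restored = Version(doc.next_number(), target.content, target.grants)
    doc.history.append(restored)
    return restored


def versions_regranting_rights(doc: Document) -> List[str]:
    """Workaround helper: old versions that would give some user a right the
    current version does not. These are the rollback targets worth deleting."""
    current = doc.current.grants
    flagged = []
    for v in doc.history[:-1]:
        for user, rights in v.grants.items():
            if rights - current.get(user, frozenset()):
                flagged.append(v.number)
                break
    return flagged


def demo_document() -> Document:
    """Constructed history: bob was admin in 1.1; alice demoted him in 2.1."""
    admin = frozenset({"edit", "admin"})
    return Document("Sandbox.WebPreferences", [
        Version("1.1", "initial", {"alice": admin, "bob": admin}),
        Version("2.1", "bob demoted", {"alice": admin, "bob": frozenset({"edit"})}),
    ])


if __name__ == "__main__":
    doc = demo_document()
    print("versions that would regrant rights:", versions_regranting_rights(doc))
    rollback_unchecked(doc, "bob", "1.1")
    print("bob after unchecked rollback:", sorted(effective_rights(doc, "bob")))
    try:
        rollback_checked(demo_document(), "bob", "1.1")
    except AccessDenied as exc:
        print("checked rollback refused:", exc)
```

Running the module shows the two halves of the advisory: `rollback_unchecked` lets bob, who only holds edit, append a new version that grants him admin again, while `rollback_checked` refuses the same request before touching the history; `versions_regranting_rights` returns exactly the revision an administrator would remove if they cannot upgrade.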

References

For more information

If you have any questions or comments about this advisory:

Affected configurations

Vulners node:
  org.xwiki.platform : xwiki-platform, range 15.6-rc-1 to 15.8-rc-1
  OR org.xwiki.platform : xwiki-platform, range 15.0-rc-1 to 15.5.3
  OR org.xwiki.platform : xwiki-platform-oldcore, range 1.0 to 14.10.17

Vendor / Product / Version / CPE:
  org.xwiki.platform / xwiki-platform / * / cpe:2.3:a:org.xwiki.platform:xwiki-platform:*:*:*:*:*:*:*:*
  org.xwiki.platform / xwiki-platform-oldcore / * / cpe:2.3:a:org.xwiki.platform:xwiki-platform-oldcore:*:*:*:*:*:*:*:*
