huntr | haxatron | 19453EF1-4D77-4CFF-B7E8-1BC8F3AF0862
History: Dec 09, 2021 - 4:42 a.m.

Improper Access Control in snipe/snipe-it

2021-12-09 04:42:53
haxatron
www.huntr.dev

0.001 Low

EPSS

Percentile

21.6%

Description

Regular users with DENY set on all asset model permissions can still view model information via the /models/{id}/clone endpoint, because that action performs no authorize('view') permission check.
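The missing check described above, shown as an added Laravel-style PHP illustration that is not Snipe-IT's own code: the controller, model and view names are assumptions, and the point is that the clone action must pass through the same authorize('view') gate as the show and edit actions before any model data is rendered.

```php
<?php
// Added example, not Snipe-IT's code. Class, model and view names are assumptions.
namespace App\Http\Controllers;

use App\Models\AssetModel; // assumed Eloquent model for an asset model

class AssetModelsController extends Controller
{
    // Vulnerable pattern: the record is loaded and handed to the edit form with
    // no policy check, so a user whose 'view' permission on asset models is DENY
    // still sees every field of the record through the pre-filled clone form.
    public function cloneWithoutCheck($modelId)
    {
        $model = AssetModel::findOrFail($modelId);

        return view('models.edit')
            ->with('item', $model)
            ->with('clone_model', true);
    }

    // Hardened pattern: authorize('view', $model) consults the registered policy
    // for AssetModel (assumed to exist) before any data reaches the response.
    // On failure Laravel throws AuthorizationException, which the HTTP layer
    // turns into a 403, so a denied user learns nothing about the record.
    public function clone($modelId)
    {
        $model = AssetModel::findOrFail($modelId);
        $this->authorize('view', $model);

        return view('models.edit')
            ->with('item', $model)
            ->with('clone_model', true);
    }
}
```

The same per-object check belongs on every route that exposes the record's fields (clone, export, JSON API), not only the canonical show route; an access-control review should enumerate all actions that load a model and confirm each one authorizes against it.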

Proof of Concept

1: Create a regular user and set DENY on all permissions for asset models.
2: Log in as that user.
3: Access asset model ID 1 via http://[SNIPE-URL]/models/1/clone
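The steps above, turned into a Laravel feature test that a maintainer can keep as a regression check. This is an added example, not Snipe-IT's test suite: the factories, the route, the permission name 'models.view' and the JSON encoding of the permissions column are assumptions made for illustration.

```php
<?php
// Added example, not Snipe-IT's test code. Factories, permission encoding and
// the route are assumptions.
namespace Tests\Feature;

use App\Models\AssetModel;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class AssetModelCloneAuthorizationTest extends TestCase
{
    use RefreshDatabase;

    // A regular user whose 'view' permission on asset models is explicitly denied
    // must receive 403 from the clone endpoint, exactly as from the show endpoint,
    // and the response body must not carry any field of the record.
    public function test_user_denied_view_cannot_reach_clone_form(): void
    {
        $model = AssetModel::factory()->create();

        // Assumed permission encoding: JSON map of permission name to "-1" (deny).
        $deniedUser = User::factory()->create([
            'permissions' => json_encode(['models.view' => '-1']),
        ]);

        $response = $this->actingAs($deniedUser)
            ->get("/models/{$model->id}/clone");

        $response->assertForbidden();
        $response->assertDontSee($model->name);
    }

    // Control case: a user granted 'view' still reaches the form, which shows the
    // fix did not break the legitimate clone workflow.
    public function test_user_with_view_can_reach_clone_form(): void
    {
        $model = AssetModel::factory()->create();

        $allowedUser = User::factory()->create([
            'permissions' => json_encode(['models.view' => '1']),
        ]);

        $this->actingAs($allowedUser)
            ->get("/models/{$model->id}/clone")
            ->assertOk();
    }
}
```

Run it with the project's usual `php artisan test`; the denied-user case fails on the unpatched controller and passes once the authorize('view') call is in place.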

Impact

This vulnerability allows users without the view permission on asset models to still view asset model details through the clone endpoint.
