Lucene search

GoogleOSV:CVE-2024-46987

HistorySep 18, 2024 - 6:15 p.m.

CVE-2024-46987

2024-09-1818:15:07

Google

osv.dev

camaleon cms

path traversal

vulnerability

ruby on rails

information disclosure

mediacontroller

download_private_file

web server

file permissions

release version

upgrade

workarounds

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

6.5

Confidence

High

JSON

Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController’s download_private_file method allows authenticated users to download any file on the web server Camaleon CMS is running on (depending on the file permissions). This issue may lead to Information Disclosure. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

codeql.github.com/codeql-query-help/ruby/rb-path-injection

github.com/owen2345/camaleon-cms/security/advisories/GHSA-cp65-5m9r-vc2c

owasp.org/www-community/attacks/Path_Traversal

www.reddit.com/r/rails/comments/1exwtdm/camaleon_cms_281_has_been_released

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

6.5

Confidence

High

JSON

Related for OSV:CVE-2024-46987