Veracode Vulnerability Database: VERACODE:41218
History: Jul 12, 2023 - 6:48 a.m.

Sensitive Data Exposure

2023-07-12 06:48:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: sensitive data exposure, decidim, decidim-meetings, vulnerability, third-party library, ransack, data filtering, association chains, exfiltration

CVSS3 score: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.001 (Low), Percentile: 43.1%

Decidim and Decidim-meetings are vulnerable to Sensitive Data Exposure. The vulnerability is due to the use of the third-party library Ransack, which allows filtering data on all attributes and associations. This allows an attacker to exfiltrate non-public data from the underlying database by traversing association chains from the searchable data class to sensitive attributes of another class used in the application.
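To make the allowlist mitigation concrete, the Ruby snippet below is an added example, not code from the Veracode record or from the Decidim project. It stands in for Ransack's `ransackable_attributes` / `ransackable_associations` hooks (the methods Ransack 4.x requires each model to define) with a small offline search-key walker; the Meeting and User models, their columns and associations, and the search keys are hypothetical. It places a hardened model pair, where a public search form cannot reach `author_email`, beside a legacy pair that mirrors the permissive "everything is searchable" behaviour the record describes.

```ruby
# Added example, not from the Veracode record or the Decidim project: an
# offline stand-in for Ransack's allowlisting. Ransack 4.x asks each model for
# `ransackable_attributes` and `ransackable_associations` and rejects search
# keys outside them; older versions defaulted both to every column and every
# association, which is the exposure the record describes. The schema and
# the key walker below are hypothetical constructions for this demonstration.

# Ransack-style predicate suffixes recognised by the walker (subset).
PREDICATES = %w[eq cont start end lt gt].freeze

# Hardened models: only listed attributes are searchable and the public
# search form cannot traverse associations at all.
class User
  def self.columns; %w[id name email]; end            # email is non-public
  def self.associations; {}; end
  def self.ransackable_attributes(_auth_object = nil); %w[name]; end
  def self.ransackable_associations(_auth_object = nil); []; end
end

class Meeting
  def self.columns; %w[id title description]; end
  def self.associations; { "author" => User }; end     # belongs_to :author
  def self.ransackable_attributes(_auth_object = nil); %w[title description]; end
  def self.ransackable_associations(_auth_object = nil); []; end
end

# Legacy models: mimic the pre-4.0 default of exposing every column and
# every association to the search parameters.
class LegacyUser < User
  def self.ransackable_attributes(_auth_object = nil); columns; end
  def self.ransackable_associations(_auth_object = nil); associations.keys; end
end

class LegacyMeeting < Meeting
  def self.associations; { "author" => LegacyUser }; end
  def self.ransackable_attributes(_auth_object = nil); columns; end
  def self.ransackable_associations(_auth_object = nil); associations.keys; end
end

# True if a key such as "author_email_cont" only touches allowlisted
# attributes and associations, checking the allowlist at every hop.
def search_key_allowed?(model, key)
  predicate = PREDICATES.find { |p| key.end_with?("_#{p}") }
  return false unless predicate

  remainder = key.delete_suffix("_#{predicate}")
  current = model
  loop do
    assoc = current.associations.keys.find { |a| remainder.start_with?("#{a}_") }
    break if assoc.nil?
    return false unless current.ransackable_associations.include?(assoc)

    remainder = remainder.delete_prefix("#{assoc}_")
    current = current.associations[assoc]
  end
  current.ransackable_attributes.include?(remainder)
end

# Splits incoming search params into [permitted, rejected] hashes; the
# rejected set is what an application should log.
def sanitize_search_params(model, params)
  params.partition { |key, _value| search_key_allowed?(model, key) }.map(&:to_h)
end

if __FILE__ == $PROGRAM_NAME
  request = { "title_cont" => "budget", "author_email_cont" => "@" } # constructed
  [Meeting, LegacyMeeting].each do |model|
    allowed, rejected = sanitize_search_params(model, request)
    puts "#{model.name}: allowed=#{allowed.keys} rejected=#{rejected.keys}"
  end
end
```

Running the file shows the hardened `Meeting` rejecting `author_email_cont` while `LegacyMeeting` accepts it; in a real application the rejected set belongs in request logs, since repeated rejected association keys from one client are a useful detection signal.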
