CVE-2023-45809

EPSS 0.45%
Veröffentlicht 19.10.2023 19:15:15
Zuletzt bearbeitet 21.11.2024 08:27:23
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Disclosure of user names via admin bulk action views in wagtail

Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rules prevent the user from making any changes, the error message discloses the display names of user accounts, and by modifying URL parameters, the user can retrieve the display name for any user. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. Patched versions have been released as Wagtail 4.1.8 (LTS), 5.0.5 and 5.1.3. The fix is also included in Release Candidate 1 of the forthcoming Wagtail 5.2 release. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 3 Referenzen 5

NVD 3 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Torchbox ≫ Wagtail Version < 4.1.9

Torchbox ≫ Wagtail Version >= 4.2 < 5.0.5

Torchbox ≫ Wagtail Version >= 5.1 < 5.1.3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.45%	0.359

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.7	1.2	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
security-advisories@github.com	2.7	1.2	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-425 Direct Request ('Forced Browsing')

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

https://github.com/wagtail/wagtail/commit/bc96aed6ac53f998b2f4c4bf97e2d4f5fe337e5b

Patch

https://github.com/wagtail/wagtail/security/advisories/GHSA-fc75-58r8-rm3h

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-45809

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-45809

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-45809

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-45809