CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
GHSA-9GX3-68P2-GPPF
Vulnerability from github – Published: 2023-03-28 21:30 – Updated: 2023-04-05 15:30Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.
{
"affected": [],
"aliases": [
"CVE-2023-28375"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-28T21:15:00Z",
"severity": "HIGH"
},
"details": "Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.",
"id": "GHSA-9gx3-68p2-gppf",
"modified": "2023-04-05T15:30:25Z",
"published": "2023-03-28T21:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28375"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-06"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9VCH-84P9-292X
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2024-04-04 02:53A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition.
{
"affected": [],
"aliases": [
"CVE-2020-3267"
],
"database_specific": {
"cwe_ids": [
"CWE-285",
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-03T18:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition.",
"id": "GHSA-9vch-84p9-292x",
"modified": "2024-04-04T02:53:58Z",
"published": "2022-05-24T17:19:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3267"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-api-auth-WSx4v7sB"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9VHH-53XV-F4C4
Vulnerability from github – Published: 2023-03-28 03:30 – Updated: 2025-02-18 21:32amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion.
{
"affected": [],
"aliases": [
"CVE-2023-23330"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-28T01:15:00Z",
"severity": "HIGH"
},
"details": "amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion.",
"id": "GHSA-9vhh-53xv-f4c4",
"modified": "2025-02-18T21:32:04Z",
"published": "2023-03-28T03:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23330"
},
{
"type": "WEB",
"url": "https://medium.com/%40saleh.py/amano-xparc-local-file-inclusion-cve-2023-23330-672ae8fbfd1e"
},
{
"type": "WEB",
"url": "https://medium.com/@saleh.py/amano-xparc-local-file-inclusion-cve-2023-23330-672ae8fbfd1e"
},
{
"type": "WEB",
"url": "https://www.amano.eu/en/parking/xparc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9XG2-78H5-2F5F
Vulnerability from github – Published: 2025-01-14 12:31 – Updated: 2025-01-14 12:31A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SA82 (CP100) (All versions >= V7.80), SIPROTEC 5 7SA82 (CP150) (All versions < V9.80), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SD82 (CP100) (All versions >= V7.80), SIPROTEC 5 7SD82 (CP150) (All versions < V9.80), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SJ81 (CP100) (All versions >= V7.80), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.80), SIPROTEC 5 7SJ82 (CP100) (All versions >= V7.80), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.80), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SK82 (CP100) (All versions >= V7.80), SIPROTEC 5 7SK82 (CP150) (All versions < V9.80), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SL82 (CP100) (All versions >= V7.80), SIPROTEC 5 7SL82 (CP150) (All versions < V9.80), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions < V9.80), SIPROTEC 5 7SX82 (CP150) (All versions < V9.80), SIPROTEC 5 7SX85 (CP300) (All versions < V9.80), SIPROTEC 5 7SY82 (CP150) (All versions < V9.80), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7UT82 (CP100) (All versions >= V7.80), SIPROTEC 5 7UT82 (CP150) (All versions < V9.80), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7VU85 (CP300) (All versions < V9.80), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.80). Affected devices do not properly limit the path accessible via their webserver. This could allow an authenticated remote attacker to read arbitrary files from the filesystem of affected devices.
{
"affected": [],
"aliases": [
"CVE-2024-53649"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T11:15:16Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions \u003c V9.80), SIPROTEC 5 6MD85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 6MD86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 6MD89 (CP300) (All versions \u003e= V7.80), SIPROTEC 5 6MU85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7KE85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SA82 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SA86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SA87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SD82 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SD86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SD87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SJ81 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SJ82 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SJ85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SJ86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SK82 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SK85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SL82 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SL86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SL87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SS85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions \u003c V9.80), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SX85 (CP300) (All versions \u003c V9.80), SIPROTEC 5 7SY82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7UM85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7UT82 (CP100) (All versions \u003e= V7.80), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7UT85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7UT86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7UT87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7VE85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7VK87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7VU85 (CP300) (All versions \u003c V9.80), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V9.80). Affected devices do not properly limit the path accessible via their webserver. This could allow an authenticated remote attacker to read arbitrary files from the filesystem of affected devices.",
"id": "GHSA-9xg2-78h5-2f5f",
"modified": "2025-01-14T12:31:50Z",
"published": "2025-01-14T12:31:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53649"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-194557.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-C435-J2QV-J972
Vulnerability from github – Published: 2026-05-27 09:31 – Updated: 2026-05-27 09:31Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2024-11399"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T09:16:25Z",
"severity": "MODERATE"
},
"details": "Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors.",
"id": "GHSA-c435-j2qv-j972",
"modified": "2026-05-27T09:31:15Z",
"published": "2026-05-27T09:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11399"
},
{
"type": "WEB",
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_26"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C5WR-523P-2HQC
Vulnerability from github – Published: 2022-05-24 19:01 – Updated: 2023-10-16 18:30A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
{
"affected": [],
"aliases": [
"CVE-2021-1512"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-06T13:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.",
"id": "GHSA-c5wr-523p-2hqc",
"modified": "2023-10-16T18:30:24Z",
"published": "2022-05-24T19:01:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1512"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6Q3-C35R-7VCF
Vulnerability from github – Published: 2025-11-21 18:30 – Updated: 2025-11-21 18:30The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate protection. This makes it possible for unauthenticated attackers to extract potentially sensitive information from files that have been marked as private.
{
"affected": [],
"aliases": [
"CVE-2025-12747"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-21T17:15:50Z",
"severity": "MODERATE"
},
"details": "The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate protection. This makes it possible for unauthenticated attackers to extract potentially sensitive information from files that have been marked as private.",
"id": "GHSA-c6q3-c35r-7vcf",
"modified": "2025-11-21T18:30:29Z",
"published": "2025-11-21T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12747"
},
{
"type": "WEB",
"url": "https://github.com/tainacan/tainacan/blob/2491612ee9d5b14baa70862ba2308ee925de0938/src/classes/class-tainacan-private-files.php"
},
{
"type": "WEB",
"url": "https://github.com/tainacan/tainacan/compare/1.0.0...1.0.1"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c64869f0-a4dd-4135-8ed8-a6ff82a48e1f?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7FC-JFQX-CMFH
Vulnerability from github – Published: 2022-05-17 00:34 – Updated: 2022-05-17 00:34Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download.
{
"affected": [],
"aliases": [
"CVE-2017-2551"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-28T01:29:00Z",
"severity": "HIGH"
},
"details": "Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download.",
"id": "GHSA-c7fc-jfqx-cmfh",
"modified": "2022-05-17T00:34:23Z",
"published": "2022-05-17T00:34:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2551"
},
{
"type": "WEB",
"url": "https://wordpress.org/plugins/backwpup/#developers"
},
{
"type": "WEB",
"url": "http://www.vapidlabs.com/advisory.php?v=201"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C9GX-8C9Q-MPP9
Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-05-24 19:16Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If authenticated user creates a link to a file or folder while the system was running version 4.3.x or earlier and then shares the link and then later deletes the file or folder without deleting the link and before the link expires. If the system has been upgraded to version 4.4.5 or 4.5.0 a malicious user with the link could browse and download all files of the authenticated user that created the link .
{
"affected": [],
"aliases": [
"CVE-2021-41573"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-29T18:15:00Z",
"severity": "MODERATE"
},
"details": "Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If authenticated user creates a link to a file or folder while the system was running version 4.3.x or earlier and then shares the link and then later deletes the file or folder without deleting the link and before the link expires. If the system has been upgraded to version 4.4.5 or 4.5.0 a malicious user with the link could browse and download all files of the authenticated user that created the link .",
"id": "GHSA-c9gx-8c9q-mpp9",
"modified": "2022-05-24T19:16:04Z",
"published": "2022-05-24T19:16:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41573"
},
{
"type": "WEB",
"url": "https://www.hitachi.com/hirt/hitachi-sec/2021/602.html"
},
{
"type": "WEB",
"url": "https://www.hitachi.com/hirt/security/index.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CCQV-43VM-4F3W
Vulnerability from github – Published: 2024-12-23 20:38 – Updated: 2024-12-23 20:38Impact
Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. It allows attackers to access and alter any users' code hosted on the same instance.
Patches
Deletion of .git files has been prohibited (https://github.com/gogs/gogs/pull/7870). Users should upgrade to 0.13.1 or the latest 0.14.0+dev.
Workarounds
No viable workaround available, please only grant access to trusted users to your Gogs instance on affected versions.
References
https://www.cve.org/CVERecord?id=CVE-2024-39931
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.13.0"
},
"package": {
"ecosystem": "Go",
"name": "gogs.io/gogs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.13.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-39931"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2024-12-23T20:38:20Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "### Impact\n\nUnprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by `RUN_USER` in the configuration. It allows attackers to access and alter any users\u0027 code hosted on the same instance.\n\n### Patches\n\nDeletion of `.git` files has been prohibited (https://github.com/gogs/gogs/pull/7870). Users should upgrade to 0.13.1 or the latest 0.14.0+dev.\n\n### Workarounds\n\nNo viable workaround available, please only grant access to trusted users to your Gogs instance on affected versions.\n\n### References\n\nhttps://www.cve.org/CVERecord?id=CVE-2024-39931\n",
"id": "GHSA-ccqv-43vm-4f3w",
"modified": "2024-12-23T20:38:20Z",
"published": "2024-12-23T20:38:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/gogs/gogs/security/advisories/GHSA-ccqv-43vm-4f3w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39931"
},
{
"type": "PACKAGE",
"url": "https://github.com/gogs/gogs"
},
{
"type": "WEB",
"url": "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
"type": "CVSS_V3"
}
],
"summary": "Gogs allows deletion of internal files"
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.