CWE-281
Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
CVE-2024-29735 (GCVE-0-2024-29735)
Vulnerability from cvelistv5 – Published: 2024-03-26 16:52 – Updated: 2025-02-13 17:47
VLAI
Title
Apache Airflow: Potentially harmful permission changing by log task handler
Summary
Improper Preservation of Permissions vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.8.2 through 2.8.3.
Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix group of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem.
If your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable.
This issue does not affect users who use or extend Airflow using Official Airflow Docker reference images ( https://hub.docker.com/r/apache/airflow/ ) - those images require to have group write permission set anyway.
You are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users.
Also you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems.
Recommendation for users using Airflow outside of the containers:
* if you are using root to run Airflow, change your Airflow user to use non-root
* upgrade Apache Airflow to 2.8.4 or above
* If you prefer not to upgrade, you can change the https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions to 0o755 (original value 0o775).
* if you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of AIRFLOW_HOME/logs in all your components and all parent directories of this directory and remove group write access for all the parent directories
Severity
No CVSS data available.
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow |
Affected:
2.8.2 , ≤ 2.8.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:10:55.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/37310"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/8khb1rtbznh100o325fb8xw5wjvtv536"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/26/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "airflow",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "2.8.3",
"status": "affected",
"version": "2.8.2",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T14:08:38.417026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T18:27:39.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pypi.python.org",
"defaultStatus": "unaffected",
"packageName": "apache-airflow",
"product": "Apache Airflow",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.8.3",
"status": "affected",
"version": "2.8.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matej Murin"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Preservation of Permissions vulnerability in Apache Airflow.\u003cp\u003eThis issue affects Apache Airflow from 2.8.2 through 2.8.3.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eAirflow\u0027s local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix \u003ccode\u003egroup\u003c/code\u003e\u0026nbsp;of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem.\u003c/p\u003e\u003cp\u003eIf your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable.\u003c/p\u003e\u003cp\u003eThis issue does not affect users who use or extend Airflow using Official Airflow Docker reference images (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://hub.docker.com/r/apache/airflow/\"\u003ehttps://hub.docker.com/r/apache/airflow/\u003c/a\u003e) - those images require to have group write permission set anyway.\u003c/p\u003e\u003cp\u003eYou are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users.\u003c/p\u003e\u003cp\u003eAlso you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems.\u003c/p\u003e\u003cp\u003eRecommendation for users using Airflow outside of the containers:\u003c/p\u003e\u003cul\u003e\u003cli\u003eif you are using root to run Airflow, change your Airflow user to use non-root\u003c/li\u003e\u003cli\u003eupgrade Apache Airflow to 2.8.4 or above\u003c/li\u003e\u003cli\u003eIf you prefer not to upgrade, you can change the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions\"\u003ehttps://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions\u003c/a\u003e\u0026nbsp;to 0o755 (original value 0o775).\u003c/li\u003e\u003cli\u003eif you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of \u003ccode\u003eAIRFLOW_HOME/logs\u003c/code\u003e\u0026nbsp;in all your components and all parent directories of this directory and remove group write access for all the parent directories\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Preservation of Permissions vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.8.2 through 2.8.3.\n\nAirflow\u0027s local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix group\u00a0of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem.\n\nIf your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable.\n\nThis issue does not affect users who use or extend Airflow using Official Airflow Docker reference images ( https://hub.docker.com/r/apache/airflow/ ) - those images require to have group write permission set anyway.\n\nYou are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users.\n\nAlso you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems.\n\nRecommendation for users using Airflow outside of the containers:\n\n * if you are using root to run Airflow, change your Airflow user to use non-root\n * upgrade Apache Airflow to 2.8.4 or above\n * If you prefer not to upgrade, you can change the https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions \u00a0to 0o755 (original value 0o775).\n * if you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of AIRFLOW_HOME/logs\u00a0in all your components and all parent directories of this directory and remove group write access for all the parent directories"
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T19:05:53.416Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/37310"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/8khb1rtbznh100o325fb8xw5wjvtv536"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/26/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Airflow: Potentially harmful permission changing by log task handler",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-29735",
"datePublished": "2024-03-26T16:52:40.770Z",
"dateReserved": "2024-03-19T11:07:02.111Z",
"dateUpdated": "2025-02-13T17:47:41.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32020 (GCVE-0-2024-32020)
Vulnerability from cvelistv5 – Published: 2024-05-14 18:54 – Updated: 2025-02-13 17:52
VLAI
Title
Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a "proper" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.
Severity
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/git/git/security/advisories/GH… | x_refsource_CONFIRM |
| https://github.com/git/git/commit/1204e1a824c3407… | x_refsource_MISC |
| https://github.com/git/git/commit/9e65df5eab274bf… | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | |
| http://www.openwall.com/lists/oss-security/2024/05/14/2 |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:git:git:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.39.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "2.45.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "2.44.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.43:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.43.4",
"status": "affected",
"version": "2.43",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.42.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.42.2",
"status": "affected",
"version": "2.42.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "2.41.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.40.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.40.2",
"status": "affected",
"version": "2.40.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T14:32:40.280977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T17:15:59.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:59:50.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj"
},
{
"name": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d"
},
{
"name": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/05/14/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "= 2.45.0"
},
{
"status": "affected",
"version": "= 2.44.0"
},
{
"status": "affected",
"version": "\u003e= 2.43.0, \u003c 2.43.4"
},
{
"status": "affected",
"version": "\u003e= 2.42.0, \u003c 2.42.2"
},
{
"status": "affected",
"version": "= 2.41.0"
},
{
"status": "affected",
"version": "\u003e= 2.40.0, \u003c 2.40.2"
},
{
"status": "affected",
"version": "\u003c 2.39.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository\u0027s object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a \"proper\" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:10:03.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj"
},
{
"name": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d"
},
{
"name": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/14/2"
}
],
"source": {
"advisory": "GHSA-5rfh-556j-fhgj",
"discovery": "UNKNOWN"
},
"title": "Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32020",
"datePublished": "2024-05-14T18:54:08.184Z",
"dateReserved": "2024-04-09T15:29:35.937Z",
"dateUpdated": "2025-02-13T17:52:05.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32882 (GCVE-0-2024-32882)
Vulnerability from cvelistv5 – Published: 2024-05-02 06:52 – Updated: 2024-08-02 02:20
VLAI
Title
Permission check bypass when editing a model with per-field restrictions in wagtail
Summary
Wagtail is an open source content management system built on Django. In affected versions if a model has been made available for editing through the `wagtail.contrib.settings` module or `ModelViewSet`, and the `permission` argument on `FieldPanel` has been used to further restrict access to one or more fields of the model, a user with edit permission over the model but not the specific field can craft an HTTP POST request that bypasses the permission check on the individual field, allowing them to update its value. This vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin, or by a user who has not been granted edit access to the model in question. The editing interfaces for pages and snippets are also unaffected. Patched versions have been released as Wagtail 6.0.3 and 6.1. Wagtail releases prior to 6.0 are unaffected. Users are advised to upgrade. Site owners who are unable to upgrade to a patched version can avoid the vulnerability as follows: 1.For models registered through `ModelViewSet`, register the model as a snippet instead; 2. For settings models, place the restricted fields in a separate settings model, and configure permission at the model level.
Severity
CWE
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/wagtail/wagtail/security/advis… | x_refsource_CONFIRM |
| https://github.com/wagtail/wagtail/commit/ab2a5d8… | x_refsource_MISC |
| https://docs.wagtail.org/en/stable/extending/gene… | x_refsource_MISC |
| https://docs.wagtail.org/en/stable/reference/cont… | x_refsource_MISC |
| https://docs.wagtail.org/en/stable/reference/page… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wagtail:wagtail:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wagtail",
"vendor": "wagtail",
"versions": [
{
"lessThan": "6.0.3",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32882",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T13:08:02.482926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:50:26.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc"
},
{
"name": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b"
},
{
"name": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wagtail",
"vendor": "wagtail",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wagtail is an open source content management system built on Django. In affected versions if a model has been made available for editing through the `wagtail.contrib.settings` module or `ModelViewSet`, and the `permission` argument on `FieldPanel` has been used to further restrict access to one or more fields of the model, a user with edit permission over the model but not the specific field can craft an HTTP POST request that bypasses the permission check on the individual field, allowing them to update its value. This vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin, or by a user who has not been granted edit access to the model in question. The editing interfaces for pages and snippets are also unaffected. Patched versions have been released as Wagtail 6.0.3 and 6.1. Wagtail releases prior to 6.0 are unaffected. Users are advised to upgrade. Site owners who are unable to upgrade to a patched version can avoid the vulnerability as follows: 1.For models registered through `ModelViewSet`, register the model as a snippet instead; 2. For settings models, place the restricted fields in a separate settings model, and configure permission at the model level."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges ",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T06:52:59.556Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc"
},
{
"name": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b"
},
{
"name": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission"
}
],
"source": {
"advisory": "GHSA-w2v8-php4-p8hc",
"discovery": "UNKNOWN"
},
"title": "Permission check bypass when editing a model with per-field restrictions in wagtail"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32882",
"datePublished": "2024-05-02T06:52:59.556Z",
"dateReserved": "2024-04-19T14:07:11.230Z",
"dateUpdated": "2024-08-02T02:20:35.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3289 (GCVE-0-2024-3289)
Vulnerability from cvelistv5 – Published: 2024-05-17 16:50 – Updated: 2024-08-01 20:05
VLAI
Summary
When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
Severity
7.8 (High)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
1 reference
Date Public
2024-05-16 19:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tenable:nessus:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nessus",
"vendor": "tenable",
"versions": [
{
"lessThanOrEqual": "10.7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-17T17:25:00.596927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T17:35:56.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2024-08"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "Nessus",
"vendor": "Tenable",
"versions": [
{
"lessThan": "10.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-05-16T19:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nWhen installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.\u0026nbsp;"
}
],
"value": "When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T16:50:48.745Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2024-08"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nTenable has released Nessus 10.7.3 to address these issues. The installation files can be obtained from the Tenable Downloads Portal (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/nessus\"\u003ehttps://www.tenable.com/downloads/nessus\u003c/a\u003e).\n\n\u003cbr\u003e"
}
],
"value": "Tenable has released Nessus 10.7.3 to address these issues. The installation files can be obtained from the Tenable Downloads Portal ( https://www.tenable.com/downloads/nessus )."
}
],
"source": {
"advisory": "TNS-2024-08",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2024-3289",
"datePublished": "2024-05-17T16:50:48.745Z",
"dateReserved": "2024-04-03T21:03:11.124Z",
"dateUpdated": "2024-08-01T20:05:08.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3291 (GCVE-0-2024-3291)
Vulnerability from cvelistv5 – Published: 2024-05-17 16:59 – Updated: 2024-08-01 20:05
VLAI
Title
Privilege Escalation
Summary
When installing Nessus Agent to a directory outside of the default location on a Windows host, Nessus Agent versions prior to 10.6.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
Severity
7.8 (High)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable | Nessus Agent |
Affected:
0 , < 10.6.4
(custom)
|
Date Public
2024-05-16 19:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tenable:nessus_agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nessus_agent",
"vendor": "tenable",
"versions": [
{
"lessThan": "10.6.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-18T16:13:59.964924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T17:36:08.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2024-09"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "Nessus Agent",
"vendor": "Tenable",
"versions": [
{
"lessThan": "10.6.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-05-16T19:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nWhen installing Nessus Agent to a directory outside of the default location on a Windows host, Nessus Agent versions prior to 10.6.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.\n\n"
}
],
"value": "When installing Nessus Agent to a directory outside of the default location on a Windows host, Nessus Agent versions prior to 10.6.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T16:59:56.144Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2024-09"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nTenable has released Nessus Agent 10.6.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/nessus-agents\"\u003ehttps://www.tenable.com/downloads/nessus-agents\u003c/a\u003e).\n\n\u003cbr\u003e"
}
],
"value": "Tenable has released Nessus Agent 10.6.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal ( https://www.tenable.com/downloads/nessus-agents )."
}
],
"source": {
"advisory": "TNS-2024-09",
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2024-3291",
"datePublished": "2024-05-17T16:59:56.144Z",
"dateReserved": "2024-04-03T21:19:32.010Z",
"dateUpdated": "2024-08-01T20:05:08.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38361 (GCVE-0-2024-38361)
Vulnerability from cvelistv5 – Published: 2024-06-20 22:18 – Updated: 2024-08-02 04:04
VLAI
Title
Permissions processing error in spacedb
Summary
Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to `NO_PERMISSION` when permission is expected. If the resource exists under *multiple* folders and the user has access to view more than a single folder, SpiceDB may report the user does not have access due to a failure in the exclusion dispatcher to request that *all* the folders in which the user is a member be returned. Permission is returned as `NO_PERMISSION` when `PERMISSION` is expected on the `CheckPermission` API. This issue has been addressed in version 1.33.1. All users are advised to upgrade. There are no known workarounds for this issue.
Severity
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/authzed/spicedb/security/advis… | x_refsource_CONFIRM |
| https://github.com/authzed/spicedb/commit/ecef31d… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:authzed:spicedb:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spicedb",
"vendor": "authzed",
"versions": [
{
"lessThan": "1.33.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T18:16:22.495588Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T18:19:03.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:04:25.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2"
},
{
"name": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "spicedb",
"vendor": "authzed",
"versions": [
{
"status": "affected",
"version": "\u003c 1.33.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to `NO_PERMISSION` when permission is expected. If the resource exists under *multiple* folders and the user has access to view more than a single folder, SpiceDB may report the user does not have access due to a failure in the exclusion dispatcher to request that *all* the folders in which the user is a member be returned. Permission is returned as `NO_PERMISSION` when `PERMISSION` is expected on the `CheckPermission` API. This issue has been addressed in version 1.33.1. All users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T22:18:35.552Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2"
},
{
"name": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb"
}
],
"source": {
"advisory": "GHSA-grjv-gjgr-66g2",
"discovery": "UNKNOWN"
},
"title": "Permissions processing error in spacedb"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38361",
"datePublished": "2024-06-20T22:18:35.552Z",
"dateReserved": "2024-06-14T14:16:16.465Z",
"dateUpdated": "2024-08-02T04:04:25.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39902 (GCVE-0-2024-39902)
Vulnerability from cvelistv5 – Published: 2024-07-22 14:10 – Updated: 2024-08-02 04:33
VLAI
Title
Tuleap's recursive permissions to document manager folder are not properly applied
Summary
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissions modal is not taken into account and always considered as unchecked. In situations where the permissions are being restricted some users might still keep, incorrectly, the possibility to edit or manage items. Only change made via the web UI are affected, changes directly made via the REST API are not impacted. This vulnerability is fixed in Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8.
Severity
4.8 (Medium)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/Enalean/tuleap/security/adviso… | x_refsource_CONFIRM |
| https://github.com/Enalean/tuleap/commit/580161e8… | x_refsource_MISC |
| https://tuleap.net/plugins/git/tuleap/tuleap/stab… | x_refsource_MISC |
| https://tuleap.net/plugins/tracker/?aid=38675 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T20:17:53.272982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T20:18:06.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:33:11.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7"
},
{
"name": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/tracker/?aid=38675",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tuleap.net/plugins/tracker/?aid=38675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tuleap",
"vendor": "Enalean",
"versions": [
{
"status": "affected",
"version": "\u003c 15.10.99.128"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox \"Apply same permissions to all sub-items of this folder\" in the document manager permissions modal is not taken into account and always considered as unchecked. In situations where the permissions are being restricted some users might still keep, incorrectly, the possibility to edit or manage items. Only change made via the web UI are affected, changes directly made via the REST API are not impacted. This vulnerability is fixed in Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T14:10:11.992Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7"
},
{
"name": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/tracker/?aid=38675",
"tags": [
"x_refsource_MISC"
],
"url": "https://tuleap.net/plugins/tracker/?aid=38675"
}
],
"source": {
"advisory": "GHSA-5jq5-vxmq-xrj7",
"discovery": "UNKNOWN"
},
"title": "Tuleap\u0027s recursive permissions to document manager folder are not properly applied"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-39902",
"datePublished": "2024-07-22T14:10:11.992Z",
"dateReserved": "2024-07-02T19:37:18.600Z",
"dateUpdated": "2024-08-02T04:33:11.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43784 (GCVE-0-2024-43784)
Vulnerability from cvelistv5 – Published: 2024-11-26 20:17 – Updated: 2024-11-26 21:37
VLAI
Title
Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to it's deletion
Summary
lakeFS is an open-source tool that transforms object storage into a Git-like repository. Existing lakeFS users who have issued credentials to users who have been deleted are affected by this vulnerability. When creating a new user with the same username as a deleted user, that user will inherit all of the previous user's credentials. This issue has been addressed in release version 1.33.0 and all users are advised to upgrade. The only known workaround for those who cannot upgrade is to not reuse usernames.
Severity
5.7 (Medium)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/treeverse/lakeFS/security/advi… | x_refsource_CONFIRM |
| https://github.com/treeverse/lakeFS/releases/tag/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T21:37:06.902297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T21:37:39.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "lakeFS",
"vendor": "treeverse",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.31.1, \u003c 1.33.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "lakeFS is an open-source tool that transforms object storage into a Git-like repository. Existing lakeFS users who have issued credentials to users who have been deleted are affected by this vulnerability. When creating a new user with the same username as a deleted user, that user will inherit all of the previous user\u0027s credentials. This issue has been addressed in release version 1.33.0 and all users are advised to upgrade. The only known workaround for those who cannot upgrade is to not reuse usernames."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T20:17:56.482Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/treeverse/lakeFS/security/advisories/GHSA-hh33-46q4-hwm2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/treeverse/lakeFS/security/advisories/GHSA-hh33-46q4-hwm2"
},
{
"name": "https://github.com/treeverse/lakeFS/releases/tag/v1.33.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/treeverse/lakeFS/releases/tag/v1.33.0"
}
],
"source": {
"advisory": "GHSA-hh33-46q4-hwm2",
"discovery": "UNKNOWN"
},
"title": "Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to it\u0027s deletion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43784",
"datePublished": "2024-11-26T20:17:56.482Z",
"dateReserved": "2024-08-16T14:20:37.323Z",
"dateUpdated": "2024-11-26T21:37:39.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-46941 (GCVE-0-2024-46941)
Vulnerability from cvelistv5 – Published: 2025-06-06 03:24 – Updated: 2025-06-09 13:42
VLAI
Title
SystemUI component protection settings vulnerability
Summary
SystemUI has an incorrect component protection setting, which allows access to specific information.
Severity
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T13:42:03.794018Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T13:42:08.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SystemUI",
"vendor": "vivo",
"versions": [
{
"status": "affected",
"version": "Versions below 14.0.8.120"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SystemUI has an incorrect component protection setting, which allows access to specific information.\n\n\u003cbr\u003e"
}
],
"value": "SystemUI has an incorrect component protection setting, which allows access to specific information."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/V:D",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T03:24:32.260Z",
"orgId": "c6f5cd8e-fe3d-4460-82c2-f8a4e7b272c8",
"shortName": "Vivo"
},
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=17"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SystemUI component protection settings vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c6f5cd8e-fe3d-4460-82c2-f8a4e7b272c8",
"assignerShortName": "Vivo",
"cveId": "CVE-2024-46941",
"datePublished": "2025-06-06T03:24:32.260Z",
"dateReserved": "2024-09-15T22:07:33.094Z",
"dateUpdated": "2025-06-09T13:42:08.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47270 (GCVE-0-2024-47270)
Vulnerability from cvelistv5 – Published: 2026-05-27 08:29 – Updated: 2026-05-27 13:45
VLAI
Summary
Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors.
Severity
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.synology.com/en-global/security/advis… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Synology | Surveillance Station |
Affected:
* , < 9.2.2-9575
(semver)
Affected: * , < 9.2.2-11575 (semver) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47270",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T13:45:48.237747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T13:45:55.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Surveillance Station",
"vendor": "Synology",
"versions": [
{
"lessThan": "9.2.2-9575",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "9.2.2-11575",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zhao Runzi (\u8d75\u6da6\u6893)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T08:29:56.839Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-24:25 Surveillance Station",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_25"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2024-47270",
"datePublished": "2026-05-27T08:29:56.839Z",
"dateReserved": "2024-09-24T03:58:57.133Z",
"dateUpdated": "2026-05-27T13:45:55.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.