Search criteria
6 vulnerabilities found for wagtail-2fa by labdigital
FKIE_CVE-2020-5240
Vulnerability from fkie_nvd - Published: 2020-03-13 22:15 - Updated: 2024-11-21 05:33
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N
8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Summary
In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| labdigital | wagtail-2fa | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:labdigital:wagtail-2fa:*:*:*:*:*:*:*:*",
"matchCriteriaId": "191715D1-9797-4239-B5EF-C9BFBBD31905",
"versionEndExcluding": "1.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1."
},
{
"lang": "es",
"value": "En wagtail-2fa versiones anteriores a 1.4.1, cualquier usuario con acceso al CMS puede visualizar y borrar los dispositivos 2FA de otros usuarios al ir hacia la ruta correcta. El usuario no requiere permisos especiales para hacerlo. Al eliminar el dispositivo de los dem\u00e1s usuarios, pueden deshabilitar los dispositivos 2FA de los usuarios de destino y comprometer potencialmente la cuenta si adivinan su contrase\u00f1a. El problema ha sido parcheado en la versi\u00f3n 1.4.1."
}
],
"id": "CVE-2020-5240",
"lastModified": "2024-11-21T05:33:44.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-13T22:15:11.217",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-16766
Vulnerability from fkie_nvd - Published: 2019-11-29 17:15 - Updated: 2024-11-21 04:31
Severity ?
8.7 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| labdigital | wagtail-2fa | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:labdigital:wagtail-2fa:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DC866A-C5F3-4807-87A5-3DBE12166499",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When using wagtail-2fa before 1.3.0, if someone gains access to someone\u0027s Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0."
},
{
"lang": "es",
"value": "Cuando se utiliza wagtail-2fa versiones anteriores a 1.3.0, si alguien consigue acceso a las credenciales de inicio de sesi\u00f3n de Wagtail de otro, puede iniciar sesi\u00f3n en el CMS y omitir la comprobaci\u00f3n de 2FA al cambiar la URL. Luego pueden agregar un nuevo dispositivo y conseguir acceso completo al CMS. Este problema ha sido parcheado en la versi\u00f3n 1.3.0."
}
],
"id": "CVE-2019-16766",
"lastModified": "2024-11-21T04:31:08.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-29T17:15:11.683",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
},
{
"lang": "en",
"value": "CWE-304"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-5240 (GCVE-0-2020-5240)
Vulnerability from cvelistv5 – Published: 2020-03-13 21:20 – Updated: 2024-08-04 08:22
VLAI?
Title
2FA bypass through deleting devices in wagtail-2fa
Summary
In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1.
Severity ?
7.6 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lab Digital | wagtail-2fa |
Affected:
< 1.4.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wagtail-2fa",
"vendor": "Lab Digital",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-13T21:20:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
}
],
"source": {
"advisory": "GHSA-9gjv-6qq6-v7qm",
"discovery": "UNKNOWN"
},
"title": "2FA bypass through deleting devices in wagtail-2fa",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5240",
"STATE": "PUBLIC",
"TITLE": "2FA bypass through deleting devices in wagtail-2fa"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wagtail-2fa",
"version": {
"version_data": [
{
"version_value": "\u003c 1.4.1"
}
]
}
}
]
},
"vendor_name": "Lab Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm",
"refsource": "CONFIRM",
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"name": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74",
"refsource": "MISC",
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
}
]
},
"source": {
"advisory": "GHSA-9gjv-6qq6-v7qm",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5240",
"datePublished": "2020-03-13T21:20:14",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16766 (GCVE-0-2019-16766)
Vulnerability from cvelistv5 – Published: 2019-11-29 17:05 – Updated: 2024-08-05 01:24
VLAI?
Title
2FA bypass in Wagtail through new device path
Summary
When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0.
Severity ?
8.7 (High)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lab Digital | wagtail-2fa |
Affected:
< 1.3.0 , < 1.3.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:47.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wagtail-2fa",
"vendor": "Lab Digital",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "\u003c 1.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When using wagtail-2fa before 1.3.0, if someone gains access to someone\u0027s Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-304",
"description": "CWE-304 Missing Critical Step in Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-29T17:05:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
}
],
"source": {
"advisory": "GHSA-89px-ww3j-g2mm",
"discovery": "UNKNOWN"
},
"title": "2FA bypass in Wagtail through new device path",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16766",
"STATE": "PUBLIC",
"TITLE": "2FA bypass in Wagtail through new device path"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wagtail-2fa",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "\u003c 1.3.0",
"version_value": "1.3.0"
}
]
}
}
]
},
"vendor_name": "Lab Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When using wagtail-2fa before 1.3.0, if someone gains access to someone\u0027s Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-304 Missing Critical Step in Authentication"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-290 Authentication Bypass by Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm",
"refsource": "CONFIRM",
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"name": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81",
"refsource": "MISC",
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"name": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca",
"refsource": "MISC",
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
}
]
},
"source": {
"advisory": "GHSA-89px-ww3j-g2mm",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16766",
"datePublished": "2019-11-29T17:05:14",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:47.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5240 (GCVE-0-2020-5240)
Vulnerability from nvd – Published: 2020-03-13 21:20 – Updated: 2024-08-04 08:22
VLAI?
Title
2FA bypass through deleting devices in wagtail-2fa
Summary
In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1.
Severity ?
7.6 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lab Digital | wagtail-2fa |
Affected:
< 1.4.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wagtail-2fa",
"vendor": "Lab Digital",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-13T21:20:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
}
],
"source": {
"advisory": "GHSA-9gjv-6qq6-v7qm",
"discovery": "UNKNOWN"
},
"title": "2FA bypass through deleting devices in wagtail-2fa",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5240",
"STATE": "PUBLIC",
"TITLE": "2FA bypass through deleting devices in wagtail-2fa"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wagtail-2fa",
"version": {
"version_data": [
{
"version_value": "\u003c 1.4.1"
}
]
}
}
]
},
"vendor_name": "Lab Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm",
"refsource": "CONFIRM",
"url": "https://github.com/labd/wagtail-2fa/security/advisories/GHSA-9gjv-6qq6-v7qm"
},
{
"name": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74",
"refsource": "MISC",
"url": "https://github.com/labd/wagtail-2fa/commit/ac23550d33b7436e90e3beea904647907eba5b74"
}
]
},
"source": {
"advisory": "GHSA-9gjv-6qq6-v7qm",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5240",
"datePublished": "2020-03-13T21:20:14",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16766 (GCVE-0-2019-16766)
Vulnerability from nvd – Published: 2019-11-29 17:05 – Updated: 2024-08-05 01:24
VLAI?
Title
2FA bypass in Wagtail through new device path
Summary
When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0.
Severity ?
8.7 (High)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lab Digital | wagtail-2fa |
Affected:
< 1.3.0 , < 1.3.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:47.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wagtail-2fa",
"vendor": "Lab Digital",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "\u003c 1.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When using wagtail-2fa before 1.3.0, if someone gains access to someone\u0027s Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-304",
"description": "CWE-304 Missing Critical Step in Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-29T17:05:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
}
],
"source": {
"advisory": "GHSA-89px-ww3j-g2mm",
"discovery": "UNKNOWN"
},
"title": "2FA bypass in Wagtail through new device path",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16766",
"STATE": "PUBLIC",
"TITLE": "2FA bypass in Wagtail through new device path"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wagtail-2fa",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "\u003c 1.3.0",
"version_value": "1.3.0"
}
]
}
}
]
},
"vendor_name": "Lab Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When using wagtail-2fa before 1.3.0, if someone gains access to someone\u0027s Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-304 Missing Critical Step in Authentication"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-290 Authentication Bypass by Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm",
"refsource": "CONFIRM",
"url": "https://github.com/LabD/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm"
},
{
"name": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81",
"refsource": "MISC",
"url": "https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81"
},
{
"name": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca",
"refsource": "MISC",
"url": "https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca"
}
]
},
"source": {
"advisory": "GHSA-89px-ww3j-g2mm",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16766",
"datePublished": "2019-11-29T17:05:14",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:47.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}