cnvd - cnvd-2020-64786

CNVD-2020-64786

Vulnerability from cnvd - Published: 2020-11-20

Title

Red Discord Bot权限提升漏洞

Description

Red Discord Bot是个人开发者的一个Python编写的模块化机器人。该机器人软件可根据不同的模块配置完成不同的功能。 Red Discord Bot 3.4.1之前版本存在安全漏洞，该漏洞源于Mod模块中有一个未授权的特权升级漏洞。当应用程序处于超出该用户控制的特定条件时，该漏洞允许公会中具有高特权级别的不一致用户绕过层次结构检查。通过滥用这个漏洞，有可能在用户拥有高特权的行会内执行破坏性的行为。目前没有详细漏洞细节提供。

Severity

中

Patch Name

Red Discord Bot权限提升漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/Cog-Creators/Red-DiscordBot/releases/tag/3.4.1

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-15278

Impacted products

Name
Red Discord Bot Red Discord Bot <3.4.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-15278",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-15278"
    }
  },
  "description": "Red Discord Bot\u662f\u4e2a\u4eba\u5f00\u53d1\u8005\u7684\u4e00\u4e2aPython\u7f16\u5199\u7684\u6a21\u5757\u5316\u673a\u5668\u4eba\u3002\u8be5\u673a\u5668\u4eba\u8f6f\u4ef6\u53ef\u6839\u636e\u4e0d\u540c\u7684\u6a21\u5757\u914d\u7f6e\u5b8c\u6210\u4e0d\u540c\u7684\u529f\u80fd\u3002\n\nRed Discord Bot 3.4.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eMod\u6a21\u5757\u4e2d\u6709\u4e00\u4e2a\u672a\u6388\u6743\u7684\u7279\u6743\u5347\u7ea7\u6f0f\u6d1e\u3002\u5f53\u5e94\u7528\u7a0b\u5e8f\u5904\u4e8e\u8d85\u51fa\u8be5\u7528\u6237\u63a7\u5236\u7684\u7279\u5b9a\u6761\u4ef6\u65f6\uff0c\u8be5\u6f0f\u6d1e\u5141\u8bb8\u516c\u4f1a\u4e2d\u5177\u6709\u9ad8\u7279\u6743\u7ea7\u522b\u7684\u4e0d\u4e00\u81f4\u7528\u6237\u7ed5\u8fc7\u5c42\u6b21\u7ed3\u6784\u68c0\u67e5\u3002\u901a\u8fc7\u6ee5\u7528\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u6709\u53ef\u80fd\u5728\u7528\u6237\u62e5\u6709\u9ad8\u7279\u6743\u7684\u884c\u4f1a\u5185\u6267\u884c\u7834\u574f\u6027\u7684\u884c\u4e3a\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/Cog-Creators/Red-DiscordBot/releases/tag/3.4.1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-64786",
  "openTime": "2020-11-20",
  "patchDescription": "Red Discord Bot\u662f\u4e2a\u4eba\u5f00\u53d1\u8005\u7684\u4e00\u4e2aPython\u7f16\u5199\u7684\u6a21\u5757\u5316\u673a\u5668\u4eba\u3002\u8be5\u673a\u5668\u4eba\u8f6f\u4ef6\u53ef\u6839\u636e\u4e0d\u540c\u7684\u6a21\u5757\u914d\u7f6e\u5b8c\u6210\u4e0d\u540c\u7684\u529f\u80fd\u3002\r\n\r\nRed Discord Bot 3.4.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eMod\u6a21\u5757\u4e2d\u6709\u4e00\u4e2a\u672a\u6388\u6743\u7684\u7279\u6743\u5347\u7ea7\u6f0f\u6d1e\u3002\u5f53\u5e94\u7528\u7a0b\u5e8f\u5904\u4e8e\u8d85\u51fa\u8be5\u7528\u6237\u63a7\u5236\u7684\u7279\u5b9a\u6761\u4ef6\u65f6\uff0c\u8be5\u6f0f\u6d1e\u5141\u8bb8\u516c\u4f1a\u4e2d\u5177\u6709\u9ad8\u7279\u6743\u7ea7\u522b\u7684\u4e0d\u4e00\u81f4\u7528\u6237\u7ed5\u8fc7\u5c42\u6b21\u7ed3\u6784\u68c0\u67e5\u3002\u901a\u8fc7\u6ee5\u7528\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u6709\u53ef\u80fd\u5728\u7528\u6237\u62e5\u6709\u9ad8\u7279\u6743\u7684\u884c\u4f1a\u5185\u6267\u884c\u7834\u574f\u6027\u7684\u884c\u4e3a\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Red Discord Bot\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Red Discord Bot Red Discord Bot \u003c3.4.1"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-15278",
  "serverity": "\u4e2d",
  "submitTime": "2020-10-29",
  "title": "Red Discord Bot\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2020-15278 (GCVE-0-2020-15278)

Vulnerability from cvelistv5 – Published: 2020-10-28 16:35 – Updated: 2024-08-04 13:15

Title

Unauthorized privilege escalation in Mod module

Summary

Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with unload mod or, disabling the massban command with command disable global massban can render this exploit not accessible. We still highly recommend updating to 3.4.1 to completely patch this issue.

Severity ?

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

CWE

CWE-863 - Incorrect Authorization

Assigner

GitHub_M

References

URL

Tags

	https://github.com/Cog-Creators/Red-DiscordBot/se…	x_refsource_CONFIRM
	https://github.com/Cog-Creators/Red-DiscordBot/co…	x_refsource_MISC
	https://github.com/Cog-Creators/Red-DiscordBot/re…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Cog-Creators	Red-DiscordBot	Affected: < 3.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:15:20.121Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-mp9m-g7qj-6vqr"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cog-Creators/Red-DiscordBot/commit/726bfd38adfdfaef760412a68e01447b470f438b"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cog-Creators/Red-DiscordBot/releases/tag/3.4.1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Red-DiscordBot",
          "vendor": "Cog-Creators",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user\u0027s control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with unload mod or, disabling the massban command with command disable global massban can render this exploit not accessible. We still highly recommend updating to 3.4.1 to completely patch this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-28T16:35:15",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-mp9m-g7qj-6vqr"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cog-Creators/Red-DiscordBot/commit/726bfd38adfdfaef760412a68e01447b470f438b"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cog-Creators/Red-DiscordBot/releases/tag/3.4.1"
        }
      ],
      "source": {
        "advisory": "GHSA-mp9m-g7qj-6vqr",
        "discovery": "UNKNOWN"
      },
      "title": "Unauthorized privilege escalation in Mod module",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15278",
          "STATE": "PUBLIC",
          "TITLE": "Unauthorized privilege escalation in Mod module"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Red-DiscordBot",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 3.4.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cog-Creators"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user\u0027s control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with unload mod or, disabling the massban command with command disable global massban can render this exploit not accessible. We still highly recommend updating to 3.4.1 to completely patch this issue."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-863: Incorrect Authorization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-mp9m-g7qj-6vqr",
              "refsource": "CONFIRM",
              "url": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-mp9m-g7qj-6vqr"
            },
            {
              "name": "https://github.com/Cog-Creators/Red-DiscordBot/commit/726bfd38adfdfaef760412a68e01447b470f438b",
              "refsource": "MISC",
              "url": "https://github.com/Cog-Creators/Red-DiscordBot/commit/726bfd38adfdfaef760412a68e01447b470f438b"
            },
            {
              "name": "https://github.com/Cog-Creators/Red-DiscordBot/releases/tag/3.4.1",
              "refsource": "MISC",
              "url": "https://github.com/Cog-Creators/Red-DiscordBot/releases/tag/3.4.1"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-mp9m-g7qj-6vqr",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15278",
    "datePublished": "2020-10-28T16:35:15",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:15:20.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-64786

CVE-2020-15278 (GCVE-0-2020-15278)

Tags

Sightings

Nomenclature