github - ghsa-2h96-7jv3-737m

ghsa-2h96-7jv3-737m

Vulnerability from github

Published

2024-10-29 15:32

Modified

2024-10-29 15:32

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user's name. By manipulating the /file endpoint, an authenticated user can enumerate and access files in other users' directories, leading to unauthorized access to private chat histories. This vulnerability can be exploited to read any user's private chat history.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-8143"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1057"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-29T13:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user\u0027s name. By manipulating the /file endpoint, an authenticated user can enumerate and access files in other users\u0027 directories, leading to unauthorized access to private chat histories. This vulnerability can be exploited to read any user\u0027s private chat history.",
  "id": "GHSA-2h96-7jv3-737m",
  "modified": "2024-10-29T15:32:05Z",
  "published": "2024-10-29T15:32:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8143"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/ccc7479ace5c9e1a1d9f4daf2e794ffd3865fc2b"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/71c5ea4b-524a-4173-8fd4-2fbabd69502e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2024-8143

Vulnerability from cvelistv5

Published

2024-10-29 12:49

Modified

2024-10-29 13:23

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

Unauthorized Access to User Chat History in gaizhenbiao/chuanhuchatgpt

References

▼	URL	Tags
	https://huntr.com/bounties/71c5ea4b-524a-4173-8fd4-2fbabd69502e
	https://github.com/gaizhenbiao/chuanhuchatgpt/commit/ccc7479ace5c9e1a1d9f4daf2e794ffd3865fc2b

Impacted products

▼	Vendor	Product
	gaizhenbiao	gaizhenbiao/chuanhuchatgpt

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240628:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "chuanhuchatgpt",
            "vendor": "gaizhenbiao",
            "versions": [
              {
                "status": "affected",
                "version": "20240628"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8143",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-29T13:17:13.125619Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T13:23:01.857Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gaizhenbiao/chuanhuchatgpt",
          "vendor": "gaizhenbiao",
          "versions": [
            {
              "lessThan": "20240919",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user\u0027s name. By manipulating the /file endpoint, an authenticated user can enumerate and access files in other users\u0027 directories, leading to unauthorized access to private chat histories. This vulnerability can be exploited to read any user\u0027s private chat history."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1057",
              "description": "CWE-1057 Data Access Operations Outside of Expected Data Manager Component",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-29T12:49:09.525Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntr_ai"
      },
      "references": [
        {
          "url": "https://huntr.com/bounties/71c5ea4b-524a-4173-8fd4-2fbabd69502e"
        },
        {
          "url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/ccc7479ace5c9e1a1d9f4daf2e794ffd3865fc2b"
        }
      ],
      "source": {
        "advisory": "71c5ea4b-524a-4173-8fd4-2fbabd69502e",
        "discovery": "EXTERNAL"
      },
      "title": "Unauthorized Access to User Chat History in gaizhenbiao/chuanhuchatgpt"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntr_ai",
    "cveId": "CVE-2024-8143",
    "datePublished": "2024-10-29T12:49:09.525Z",
    "dateReserved": "2024-08-24T00:08:38.146Z",
    "dateUpdated": "2024-10-29T13:23:01.857Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted