GHSA-FJQG-W8G6-HHQ8

Vulnerability from github – Published: 2021-09-02 17:16 – Updated: 2022-08-10 23:54
VLAI?
Summary
Dolibarr vulnerable to Improper Authentication and Improper Access Control
Details

In Dolibarr application, v3.3.beta1_20121221 to v13.0.2 have Modify access for admin level users to change other user’s details but fails to validate already existing “Login” name, while renaming the user Login. This leads to complete account takeover of the victim user. This happens since the password gets overwritten for the victim user having a similar login name.

Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Show details on source website
To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c 13.0.2"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "dolibarr/dolibarr"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.3.beta1"
            },
            {
              "fixed": "14.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-25956"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-26T15:30:25Z",
    "nvd_published_at": "2021-08-17T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "In `Dolibarr` application, v3.3.beta1_20121221 to v13.0.2 have `Modify` access for admin level users to change other user\u2019s details but fails to validate already existing \u201cLogin\u201d name, while renaming the user `Login`. This leads to complete account takeover of the victim user. This happens since the password gets overwritten for the victim user having a similar login name.",
  "id": "GHSA-fjqg-w8g6-hhq8",
  "modified": "2022-08-10T23:54:51Z",
  "published": "2021-09-02T17:16:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25956"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Dolibarr/dolibarr/commit/c4cba43bade736ab89e31013a6ccee59a6e077ee"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Dolibarr/dolibarr"
    },
    {
      "type": "WEB",
      "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25956"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Dolibarr vulnerable to Improper Authentication and Improper Access Control"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.