Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-965r-9cg9-g42p

Опубликовано: 28 мая 2025
Источник: github
Github: Прошло ревью
CVSS3: 8.3

Описание

Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users

Impact

All objects for which an object-management configuration exists can be listed, viewed, edited, created or deleted by unauthorised users.

If object-urls are exposed via other channels, the contents of these objects can be viewed independent of object-management configurations.

Attack requirements

The following conditions have to be met in order to perform this attack:

  • A user must be logged in
    • No relevant application roles are required
  • At least one object-type must be configured via object-management
    • The scope of the attack is limited to objects that are configured via object-management.
    • The value of showInDataMenu is irrelevant for this attack

Patches

This issue was patched in version 12.13.0.RELEASE.

Workarounds

It is possible to override the endpoint security as defined in ObjectenApiHttpSecurityConfigurer and ObjectManagementHttpSecurityConfigurer. Depending on the implementation, this could result in loss of functionality.

Ссылки

Пакеты

Наименование

com.ritense.valtimo:objecten-api

maven
Затронутые версииВерсия исправления

>= 11.0.0.RELEASE, <= 11.3.3.RELEASE

Отсутствует

Наименование

com.ritense.valtimo:object-management

maven
Затронутые версииВерсия исправления

>= 11.0.0.RELEASE, <= 11.3.3.RELEASE

Отсутствует

Наименование

com.ritense.valtimo:object-management

maven
Затронутые версииВерсия исправления

>= 12.0.0.RELEASE, < 12.13.0.RELEASE

12.13.0.RELEASE

Наименование

com.ritense.valtimo:objecten-api

maven
Затронутые версииВерсия исправления

>= 12.0.0.RELEASE, < 12.13.0.RELEASE

12.13.0.RELEASE

EPSS

Процентиль: 20%
0.00063
Низкий

8.3 High

CVSS3

CVE ID

CVE-2025-48881

Дефекты

CWE-863

Связанные уязвимости

nvd логотип

CVE-2025-48881

CVSS3: 8.3
nvd
8 месяцев назад

Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all objects for which an object-management configuration exists can be listed, viewed, edited, created or deleted by unauthorised users. If object-urls are exposed via other channels, the contents of these objects can be viewed independent of object-management configurations. This issue has been patched in version 12.13.0.RELEASE. A workaround for this issue involves overriding the endpoint security as defined in ObjectenApiHttpSecurityConfigurer and ObjectManagementHttpSecurityConfigurer. Depending on the implementation, this could result in loss of functionality.

EPSS

Процентиль: 20%
0.00063
Низкий

8.3 High

CVSS3

CVE ID

CVE-2025-48881

Дефекты

CWE-863