CVE-2021-39173

Опубликовано: 27 авг. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the middleware ReadyForUse, which now performs a stricter validation of the instance name. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.

Ссылки

https://blog.sonarsource.com/cachet-code-execution-via-laravel-configuration-injection/
Exploit
Third Party Advisory
https://github.com/fiveai/Cachet/releases/tag/v2.5.1
Release Notes
Third Party Advisory
https://github.com/fiveai/Cachet/security/advisories/GHSA-r67m-m8c7-jp83
Third Party Advisory
https://blog.sonarsource.com/cachet-code-execution-via-laravel-configuration-injection/
Exploit
Third Party Advisory
https://github.com/fiveai/Cachet/releases/tag/v2.5.1
Release Notes
Third Party Advisory
https://github.com/fiveai/Cachet/security/advisories/GHSA-r67m-m8c7-jp83
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:catchethq:catchet:*:*:*:*:*:*:*:*

Версия до 2.5.1 (исключая)

EPSS

Процентиль: 84%

0.02215

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-704

Связанные уязвимости

CVE-2021-39173

CVSS3: 8.8

debian

больше 4 лет назад

Cachet is an open source status page system. Prior to version 2.5.1 au ...

GHSA-r67m-m8c7-jp83

CVSS3: 8.8

github

больше 4 лет назад

Cachet vulnerable to forced reinstall

EPSS

Процентиль: 84%

0.02215

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-704