CVE-2018-1322 - OpenCVE

An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Syncope

Configuration 1 [-]

OR	cpe:2.3:a:apache:syncope::::::::
	cpe:2.3:a:apache:syncope::::::::
	cpe:2.3:a:apache:syncope:1.0.0:::::::*
	cpe:2.3:a:apache:syncope:1.0.3:::::::*
	cpe:2.3:a:apache:syncope:1.0.4:::::::*
	cpe:2.3:a:apache:syncope:1.0.5:::::::*
	cpe:2.3:a:apache:syncope:1.0.6:::::::*
	cpe:2.3:a:apache:syncope:1.0.7:::::::*
	cpe:2.3:a:apache:syncope:1.0.8:::::::*
	cpe:2.3:a:apache:syncope:1.0.9:::::::*
	cpe:2.3:a:apache:syncope:1.1.0:::::::*
	cpe:2.3:a:apache:syncope:1.1.1:::::::*
	cpe:2.3:a:apache:syncope:1.1.2:::::::*
	cpe:2.3:a:apache:syncope:1.1.3:::::::*
	cpe:2.3:a:apache:syncope:1.1.4:::::::*
	cpe:2.3:a:apache:syncope:1.1.5:::::::*
	cpe:2.3:a:apache:syncope:1.1.6:::::::*
	cpe:2.3:a:apache:syncope:1.1.7:::::::*
	cpe:2.3:a:apache:syncope:1.1.8:::::::*

References

Link	Resource
http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting	Mitigation Vendor Advisory
http://www.securityfocus.com/bid/103507	Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/45400/	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2018-03-21T00:00:00

Updated: 2018-09-15T09:57:01

Reserved: 2017-12-07T00:00:00

Link: CVE-2018-1322

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-03-20T17:29:00.300

Modified: 2019-03-08T15:15:59.670

Link: CVE-2018-1322

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "Apache Syncope", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "Releases prior to 1.2.11, Releases prior to 2.0.8"}, {"status": "affected", "version": "The unsupported Releases 1.0.x, 1.1.x may be also affected."}]}], "datePublic": "2018-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters."}], "problemTypes": [{"descriptions": [{"description": "Information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-15T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting"}, {"name": "103507", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103507"}, {"name": "45400", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/45400/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2018-03-21T00:00:00", "ID": "CVE-2018-1322", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Syncope", "version": {"version_data": [{"version_value": "Releases prior to 1.2.11, Releases prior to 2.0.8"}, {"version_value": "The unsupported Releases 1.0.x, 1.1.x may be also affected."}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"name": "http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting", "refsource": "MISC", "url": "http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting"}, {"name": "103507", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103507"}, {"name": "45400", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/45400/"}]}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-1322", "datePublished": "2018-03-21T00:00:00", "dateReserved": "2017-12-07T00:00:00", "dateUpdated": "2018-09-15T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:syncope:*:*:*:*:*:*:*:*", "matchCriteriaId": "C352FD95-915E-4382-8020-8D5F738D63A9", "versionEndExcluding": "1.2.11", "versionStartIncluding": "1.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:*:*:*:*:*:*:*:*", "matchCriteriaId": "0664E504-BA1D-40C9-A4B2-53DCF4BDDA1E", "versionEndExcluding": "2.0.8", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E4BEECD-5BE6-4ADE-AB9F-82631A582D27", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "682C36BC-D3E7-4203-9793-313CC72DA62D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B34E99B4-4EAD-47D8-BDE4-235836F85E8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8C28DB5E-FDC8-4D6C-8652-62071084AFE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "EE1F61F6-8D9B-4DD3-9212-42AE1F399A27", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C4B181F2-B240-47CA-B5DD-9C5906D8E3B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "6F9EEDCA-AE77-42C0-A99A-F7DF126E7901", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "BE2E485D-8AA7-45B1-B436-D0C2260EE182", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A4CE370-0229-4408-A2B1-5677B6ACDB3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3FAA0C0-9FB0-4F63-BA1F-6AF504E6FFFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "904FD046-B8DF-4842-9DEA-78D03AF0394E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0DBE0A5E-0576-4D6E-B5F9-C122405EA691", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A68014D4-1B64-478C-BBC2-168DB2FBF124", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "7B5E2D4B-9BDE-432C-8269-4AE65586D2F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "85F12537-6086-4F5C-A875-F9139A3B56B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "DCE40770-AC7A-4E5F-B7A0-37E9BBE55811", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:syncope:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "4BB19E5F-707F-4F2F-93FF-619784E02D40", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters."}, {"lang": "es", "value": "Un administrador con privilegios de b\u00fasqueda de usuarios en Apache Syncope, en versiones 1.2.x anteriores a la 1.2.11, versiones 2.0.x anteriores a la 2.0.8 y versiones 1.0.x y 1.1.x no soportadas que tambi\u00e9n podr\u00edan verse afectadas, puede recuperar valores sensibles para la seguridad empleando los par\u00e1metros fiql y orderby."}], "id": "CVE-2018-1322", "lastModified": "2019-03-08T15:15:59.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-20T17:29:00.300", "references": [{"source": "security@apache.org", "tags": ["Mitigation", "Vendor Advisory"], "url": "http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103507"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/45400/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}