CVE-2018-19367 - OpenCVE

Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Portainer	Portainer

Configuration 1 [-]

cpe:2.3:a:portainer:portainer:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/lichti/shodan-portainer/	Exploit Third Party Advisory
https://github.com/portainer/portainer/issues/2475	Exploit Issue Tracking Mitigation Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:21:56

Updated: 2022-10-03T16:21:56

Reserved: 2022-10-03T00:00:00

Link: CVE-2018-19367

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-11-20T09:29:05.053

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-19367

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:portainer:portainer:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A13A65E-FFC2-40E2-BAD6-8AF598CAE887", "versionEndIncluding": "1.19.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case."}, {"lang": "es", "value": "Portainer hasta la versi\u00f3n 1.19.2 proporciona un endpoint API (/api/users/admin/check) para verificar que el usuario administrador ya se haya creado. Este endpoint API devolver\u00e1 404 si el administrador no se ha creado y 204 si ya se ha creado. Los atacantes pueden establecer una contrase\u00f1a de administrador en el caso de 404."}], "id": "CVE-2018-19367", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-20T09:29:05.053", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/lichti/shodan-portainer/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Third Party Advisory"], "url": "https://github.com/portainer/portainer/issues/2475"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}