CVE-2021-3731 - OpenCVE

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ledgersmb	Ledgersmb
Debian	Debian Linux

Configuration 1 [-]

OR	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:ledgersmb:ledgersmb::::::::

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

References

Link	Resource
https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a	Third Party Advisory
https://ledgersmb.org/cve-2021-3731-clickjacking	Vendor Advisory
https://www.debian.org/security/2021/dsa-4962	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2021-08-23T12:42:01

Updated: 2021-08-24T10:06:11

Reserved: 2021-08-21T00:00:00

Link: CVE-2021-3731

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-08-23T13:15:08.007

Modified: 2021-08-27T15:16:41.080

Link: CVE-2021-3731

JSON object: View

Redhat Information

No data.

CWE

CWE-1021

{"containers": {"cna": {"affected": [{"product": "ledgersmb/ledgersmb", "vendor": "ledgersmb", "versions": [{"status": "unaffected", "version": "1.7.33"}, {"lessThan": "1.8.18", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1021", "description": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-24T10:06:11", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://ledgersmb.org/cve-2021-3731-clickjacking"}, {"name": "DSA-4962", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4962"}], "source": {"advisory": "5664331d-f5f8-4412-8566-408f8655888a", "discovery": "EXTERNAL"}, "title": "Improper Restriction of Rendered UI Layers or Frames in ledgersmb/ledgersmb", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3731", "STATE": "PUBLIC", "TITLE": "Improper Restriction of Rendered UI Layers or Frames in ledgersmb/ledgersmb"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ledgersmb/ledgersmb", "version": {"version_data": [{"version_affected": "!", "version_value": "1.7.33"}, {"version_affected": "<", "version_value": "1.8.18"}]}}]}, "vendor_name": "ledgersmb"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames"}]}]}, "references": {"reference_data": [{"name": "https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a"}, {"name": "https://ledgersmb.org/cve-2021-3731-clickjacking", "refsource": "CONFIRM", "url": "https://ledgersmb.org/cve-2021-3731-clickjacking"}, {"name": "DSA-4962", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4962"}]}, "source": {"advisory": "5664331d-f5f8-4412-8566-408f8655888a", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3731", "datePublished": "2021-08-23T12:42:01", "dateReserved": "2021-08-21T00:00:00", "dateUpdated": "2021-08-24T10:06:11", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "84D837D8-9CEB-4DAC-BEF6-CB0D7CBF3730", "versionEndIncluding": "1.1.12", "versionStartIncluding": "1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA91816-FE66-4662-A88B-08E45BE54C60", "versionEndIncluding": "1.2.26", "versionStartIncluding": "1.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AD1A858-F378-4C88-AC54-752BC352DA64", "versionEndIncluding": "1.3.47", "versionStartIncluding": "1.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "A19049A3-4641-418B-AAB6-5D32D1FD6E28", "versionEndIncluding": "1.4.42", "versionStartIncluding": "1.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EA19A56-9AD1-4EA9-B020-1930106FD308", "versionEndIncluding": "1.5.30", "versionStartIncluding": "1.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "C08AEF10-7BF9-4EEC-B7C1-F233FACEDE7F", "versionEndIncluding": "1.6.33", "versionStartIncluding": "1.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "720FC128-BEE5-4D7C-86B8-438159E36475", "versionEndIncluding": "1.7.32", "versionStartIncluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4CE19F9-DE00-481E-AA8D-0EDD0B139E9B", "versionEndIncluding": "1.8.17", "versionStartIncluding": "1.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions."}, {"lang": "es", "value": "LedgerSMB no se protege lo suficiente contra la envoltura de otros sitios, haci\u00e9ndolo vulnerable al \"clickjacking\". Esto permite a un atacante enga\u00f1ar a un usuario objetivo para que ejecute acciones no deseadas."}], "id": "CVE-2021-3731", "lastModified": "2021-08-27T15:16:41.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.2, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2021-08-23T13:15:08.007", "references": [{"source": "security@huntr.dev", "tags": ["Third Party Advisory"], "url": "https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a"}, {"source": "security@huntr.dev", "tags": ["Vendor Advisory"], "url": "https://ledgersmb.org/cve-2021-3731-clickjacking"}, {"source": "security@huntr.dev", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4962"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1021"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1021"}], "source": "security@huntr.dev", "type": "Secondary"}]}