CVE-2021-44692 - OpenCVE

BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. When creating a new user, it generates a Unique ID for their profile. This UID is their private email address with symbols removed and periods replaced with hyphens. For example. JohnDoe@example.com would become /members/johndoeexample-com and Jo.test@example.com would become /members/jo-testexample-com. The members list is available to everyone and (in a default configuration) often without authentication. It is therefore trivial to collect a list of email addresses.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Buddyboss	Buddyboss

Configuration 1 [-]

cpe:2.3:a:buddyboss:buddyboss:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.buddyboss.com/resources/buddyboss-platform-releases/	Release Notes Vendor Advisory
https://www.cygenta.co.uk/post/buddyboss	Mitigation Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-01-26T15:35:57

Updated: 2022-01-26T15:35:57

Reserved: 2021-12-06T00:00:00

Link: CVE-2021-44692

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-01-26T16:15:07.570

Modified: 2022-02-02T15:57:59.923

Link: CVE-2021-44692

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. When creating a new user, it generates a Unique ID for their profile. This UID is their private email address with symbols removed and periods replaced with hyphens. For example. JohnDoe@example.com would become /members/johndoeexample-com and Jo.test@example.com would become /members/jo-testexample-com. The members list is available to everyone and (in a default configuration) often without authentication. It is therefore trivial to collect a list of email addresses."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-01-26T15:35:57", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.buddyboss.com/resources/buddyboss-platform-releases/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.cygenta.co.uk/post/buddyboss"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-44692", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. When creating a new user, it generates a Unique ID for their profile. This UID is their private email address with symbols removed and periods replaced with hyphens. For example. JohnDoe@example.com would become /members/johndoeexample-com and Jo.test@example.com would become /members/jo-testexample-com. The members list is available to everyone and (in a default configuration) often without authentication. It is therefore trivial to collect a list of email addresses."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.buddyboss.com/resources/buddyboss-platform-releases/", "refsource": "MISC", "url": "https://www.buddyboss.com/resources/buddyboss-platform-releases/"}, {"name": "https://www.cygenta.co.uk/post/buddyboss", "refsource": "MISC", "url": "https://www.cygenta.co.uk/post/buddyboss"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-44692", "datePublished": "2022-01-26T15:35:57", "dateReserved": "2021-12-06T00:00:00", "dateUpdated": "2022-01-26T15:35:57", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:buddyboss:buddyboss:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6C71BB4-0D91-4902-A832-3FB3EE3C2C31", "versionEndIncluding": "1.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. When creating a new user, it generates a Unique ID for their profile. This UID is their private email address with symbols removed and periods replaced with hyphens. For example. JohnDoe@example.com would become /members/johndoeexample-com and Jo.test@example.com would become /members/jo-testexample-com. The members list is available to everyone and (in a default configuration) often without authentication. It is therefore trivial to collect a list of email addresses."}, {"lang": "es", "value": "La plataforma BuddyBoss versiones hasta 1.8.0, permite a atacantes remotos obtener la direcci\u00f3n de correo electr\u00f3nico de cada usuario. Cuando es creado un nuevo usuario, es generado un ID \u00fanico para su perfil. Este UID es su direcci\u00f3n de correo electr\u00f3nico privada con los s\u00edmbolos eliminados y los puntos sustituidos por guiones. Por ejemplo. JohnDoe@example.com podr\u00eda ser convertido en /members/johndoeexample-com y Jo.test@example.com en /members/jo-testexample-com. La lista de miembros est\u00e1 disponible para todos y (en una configuraci\u00f3n por defecto) a menudo sin autenticaci\u00f3n. Por lo tanto, es trivial recopilar una lista de direcciones de correo electr\u00f3nico"}], "id": "CVE-2021-44692", "lastModified": "2022-02-02T15:57:59.923", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-26T16:15:07.570", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.buddyboss.com/resources/buddyboss-platform-releases/"}, {"source": "cve@mitre.org", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://www.cygenta.co.uk/post/buddyboss"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}