CVE-2022-2653 - OpenCVE

With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Planka	Planka

Configuration 1 [-]

cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418	Patch Third Party Advisory
https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70	Exploit Issue Tracking Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2022-08-04T09:35:25

Updated: 2022-08-04T09:35:25

Reserved: 2022-08-04T00:00:00

Link: CVE-2022-2653

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-04T10:15:08.060

Modified: 2022-08-10T13:48:50.183

Link: CVE-2022-2653

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "plankanban/planka", "vendor": "plankanban", "versions": [{"lessThan": "1.5.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-04T09:35:25", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}], "source": {"advisory": "5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "discovery": "EXTERNAL"}, "title": "Path Traversal in plankanban/planka", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-2653", "STATE": "PUBLIC", "TITLE": "Path Traversal in plankanban/planka"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "plankanban/planka", "version": {"version_data": [{"version_affected": "<", "version_value": "1.5.1"}]}}]}, "vendor_name": "plankanban"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}, {"name": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418", "refsource": "MISC", "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}]}, "source": {"advisory": "5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2653", "datePublished": "2022-08-04T09:35:25", "dateReserved": "2022-08-04T00:00:00", "dateUpdated": "2022-08-04T09:35:25", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CB549-0F44-4B52-8130-E1A385F24A4A", "versionEndExcluding": "1.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}, {"lang": "es", "value": "Con esta vulnerabilidad un atacante puede leer muchos archivos confidenciales como los archivos de configuraci\u00f3n, o el archivo /proc/self/environ, que contiene la variable de entorno usada por el servidor web que incluye las credenciales de la base de datos. Si el usuario del servidor web es root, un atacante podr\u00e1 leer cualquier archivo del sistema"}], "id": "CVE-2022-2653", "lastModified": "2022-08-10T13:48:50.183", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-04T10:15:08.060", "references": [{"source": "security@huntr.dev", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@huntr.dev", "type": "Primary"}]}