CVE-2022-40634 - OpenCVE

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Craftercms	Crafter Cms

Configuration 1 [-]

cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*

References

Link	Resource
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: crafter

Published: 2022-09-13T00:00:00

Updated: 2022-09-13T18:25:09

Reserved: 2022-09-13T00:00:00

Link: CVE-2022-40634

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-13T19:15:13.350

Modified: 2022-09-16T02:41:02.093

Link: CVE-2022-40634

JSON object: View

Redhat Information

No data.

CWE

CWE-913

{"containers": {"cna": {"affected": [{"product": "Crafter CMS", "vendor": "Crafter Software", "versions": [{"lessThanOrEqual": "3.1.22", "status": "affected", "version": "3.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Matei \"Mal\" Badanoiu"}], "datePublic": "2022-09-13T00:00:00", "descriptions": [{"lang": "en", "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-913", "description": "CWE-913 Improper Control of Dynamically-Managed Code Resources", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-13T18:25:09", "orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd", "shortName": "crafter"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"}], "source": {"discovery": "EXTERNAL"}, "title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@craftersoftware.com", "DATE_PUBLIC": "2022-09-13T15:42:00.000Z", "ID": "CVE-2022-40634", "STATE": "PUBLIC", "TITLE": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Crafter CMS", "version": {"version_data": [{"version_affected": "<=", "version_name": "3.1", "version_value": "3.1.22"}]}}]}, "vendor_name": "Crafter Software"}]}}, "credit": [{"lang": "eng", "value": "Matei \"Mal\" Badanoiu"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"}]}]}, "references": {"reference_data": [{"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601", "refsource": "MISC", "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd", "assignerShortName": "crafter", "cveId": "CVE-2022-40634", "datePublished": "2022-09-13T00:00:00", "dateReserved": "2022-09-13T00:00:00", "dateUpdated": "2022-09-13T18:25:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C6D4673-2898-4073-9239-71735D0FA5F2", "versionEndExcluding": "3.1.23", "versionStartIncluding": "3.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI."}, {"lang": "es", "value": "Una vulnerabilidad de Control Inapropiado de los Recursos de C\u00f3digo Administrados Din\u00e1micamente en Crafter Studio de Crafter CMS permite a desarrolladores autenticados ejecutar comandos del Sistema Operativo por medio de FreeMarker SSTI"}], "id": "CVE-2022-40634", "lastModified": "2022-09-16T02:41:02.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "security@craftersoftware.com", "type": "Secondary"}]}, "published": "2022-09-13T19:15:13.350", "references": [{"source": "security@craftersoftware.com", "tags": ["Vendor Advisory"], "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"}], "sourceIdentifier": "security@craftersoftware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-913"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-913"}], "source": "security@craftersoftware.com", "type": "Secondary"}]}