CVE-2023-2544 - OpenCVE

Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Upv	Peix

Configuration 1 [-]

cpe:2.3:a:upv:peix:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-10-03T13:03:13.218Z

Updated: 2023-10-03T13:03:13.218Z

Reserved: 2023-05-05T10:22:39.108Z

Link: CVE-2023-2544

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-03T14:15:10.637

Modified: 2023-10-05T00:59:27.387

Link: CVE-2023-2544

JSON object: View

Redhat Information

No data.

CWE

CWE-639

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-2544", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2023-05-05T10:22:39.108Z", "datePublished": "2023-10-03T13:03:13.218Z", "dateUpdated": "2023-10-03T13:03:13.218Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "UPV PEIX", "vendor": "Universitat Polit\u00e8cnica de Val\u00e8ncia (UPV)", "versions": [{"lessThanOrEqual": "all versions", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pablo Alcarria Lozano and Germ\u00e1n Planells Garc\u00eda"}], "datePublic": "2023-05-31T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}], "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-10-03T13:03:13.218Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This vulnerability has been fixed in August 2022.<br>"}], "value": "This vulnerability has been fixed in August 2022.\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Authorization Bypass on UPV PEIX", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:upv:peix:*:*:*:*:*:*:*:*", "matchCriteriaId": "9071D5EA-1C9F-486A-A75F-29636328DB36", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n en UPV PEIX, que afecta al componente \"pdf_curri_new.php\". Mediante una solicitud POST, un usuario autenticado podr\u00eda cambiar el par\u00e1metro ID para recuperar toda la informaci\u00f3n almacenada de otros usuarios registrados."}], "id": "CVE-2023-2544", "lastModified": "2023-10-05T00:59:27.387", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2023-10-03T14:15:10.637", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-639"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}]}