CVE-2023-30544 - OpenCVE

Kiwi TCMS is an open source test management system. In versions of Kiwi TCMS prior to 12.2, users were able to update their email addresses via the `My profile` admin page. This page allowed them to change the email address registered with their account without the ownership verification performed during account registration. Operators of Kiwi TCMS should upgrade to v12.2 or later to receive a patch. No known workarounds exist.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Kiwitcms	Kiwi Tcms

Configuration 1 [-]

cpe:2.3:a:kiwitcms:kiwi_tcms:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7x6q-3v3m-cwjg	Vendor Advisory
https://huntr.dev/bounties/1714df73-e639-4d64-ab25-ced82dad9f85/	Permissions Required
https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/	Release Notes

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-04-24T16:26:08.626Z

Updated: 2023-04-24T16:26:08.626Z

Reserved: 2023-04-12T15:19:33.767Z

Link: CVE-2023-30544

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-04-24T17:15:10.777

Modified: 2023-05-03T18:52:51.757

Link: CVE-2023-30544

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-30544", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-04-12T15:19:33.767Z", "datePublished": "2023-04-24T16:26:08.626Z", "dateUpdated": "2023-04-24T16:26:08.626Z"}, "containers": {"cna": {"title": "Kiwi TCMS may allow user to update email address to unverified one", "problemTypes": [{"descriptions": [{"cweId": "CWE-283", "lang": "en", "description": "CWE-283: Unverified Ownership", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7x6q-3v3m-cwjg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7x6q-3v3m-cwjg"}, {"name": "https://huntr.dev/bounties/1714df73-e639-4d64-ab25-ced82dad9f85/", "tags": ["x_refsource_MISC"], "url": "https://huntr.dev/bounties/1714df73-e639-4d64-ab25-ced82dad9f85/"}, {"name": "https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/", "tags": ["x_refsource_MISC"], "url": "https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/"}], "affected": [{"vendor": "kiwitcms", "product": "Kiwi", "versions": [{"version": "< 12.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-04-24T16:26:08.626Z"}, "descriptions": [{"lang": "en", "value": "Kiwi TCMS is an open source test management system. In versions of Kiwi TCMS prior to 12.2, users were able to update their email addresses via the `My profile` admin page. This page allowed them to change the email address registered with their account without the ownership verification performed during account registration. Operators of Kiwi TCMS should upgrade to v12.2 or later to receive a patch. No known workarounds exist."}], "source": {"advisory": "GHSA-7x6q-3v3m-cwjg", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kiwitcms:kiwi_tcms:*:*:*:*:*:*:*:*", "matchCriteriaId": "54963FF5-B772-4EC5-A2A1-3E98D68369C8", "versionEndExcluding": "12.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Kiwi TCMS is an open source test management system. In versions of Kiwi TCMS prior to 12.2, users were able to update their email addresses via the `My profile` admin page. This page allowed them to change the email address registered with their account without the ownership verification performed during account registration. Operators of Kiwi TCMS should upgrade to v12.2 or later to receive a patch. No known workarounds exist."}], "id": "CVE-2023-30544", "lastModified": "2023-05-03T18:52:51.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-04-24T17:15:10.777", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7x6q-3v3m-cwjg"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://huntr.dev/bounties/1714df73-e639-4d64-ab25-ced82dad9f85/"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-283"}, {"lang": "en", "value": "CWE-863"}], "source": "security-advisories@github.com", "type": "Secondary"}]}