CVE-2023-48648 - OpenCVE

Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Concretecms	Concrete Cms

Configuration 1 [-]

OR	cpe:2.3:a:concretecms:concrete_cms::::::::
	cpe:2.3:a:concretecms:concrete_cms::::::::

References

Link	Resource
https://documentation.concretecms.org/developers/introduction/version-history/8513-release-notes	Release Notes
https://documentation.concretecms.org/developers/introduction/version-history/922-release-notes	Release Notes
https://www.concretecms.org/about/project-news/security/2023-11-09-security-blog-about-updated-cves-and-new-release	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-17T00:00:00

Updated: 2023-11-17T03:45:45.564576

Reserved: 2023-11-17T00:00:00

Link: CVE-2023-48648

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-17T04:15:07.093

Modified: 2023-11-22T00:06:56.547

Link: CVE-2023-48648

JSON object: View

Redhat Information

No data.

CWE

CWE-276

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "B21DDFC6-2B07-4B52-B9DE-3A596CCC6265", "versionEndExcluding": "8.5.13", "vulnerable": true}, {"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CF91C72-25EA-4667-8ADF-1DB5FF8F2B9A", "versionEndExcluding": "9.2.2", "versionStartIncluding": "9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified."}, {"lang": "es", "value": "Concrete CMS anterior a 8.5.13 y 9.x anterior a 9.2.2 permite el acceso no autorizado porque se pueden crear directorios con permisos inseguros. Las funciones de creaci\u00f3n de archivos (como la funci\u00f3n Mkdir()) brindan acceso universal (0777) a las carpetas creadas de forma predeterminada. Se pueden otorgar permisos excesivos al crear un directorio con permisos superiores a 0755 o cuando no se especifica el argumento de permisos."}], "id": "CVE-2023-48648", "lastModified": "2023-11-22T00:06:56.547", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-17T04:15:07.093", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://documentation.concretecms.org/developers/introduction/version-history/8513-release-notes"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://documentation.concretecms.org/developers/introduction/version-history/922-release-notes"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.concretecms.org/about/project-news/security/2023-11-09-security-blog-about-updated-cves-and-new-release"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "nvd@nist.gov", "type": "Primary"}]}