Executive Summary
| Summary | |
|---|---|
| Title | ActiveCollab permissions failure |
| Information | | | |
|---|---|---|---|
| Name | VU#236703 | First vendor Publication | 2010-10-04 |
| Vendor | VU-CERT | Last vendor Modification | 2010-10-04 |
| Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
| CVSS vector: N/A | | | |
|---|---|---|---|
| Overall CVSS Score | NA | | |
| Base Score | NA | Environmental Score | NA |
| Impact Sub Score | NA | Temporal Score | NA |
| Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2
| CVSS vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P) | | | |
|---|---|---|---|
| CVSS Base Score | 6 | Attack Range | Network |
| CVSS Impact Score | 6.4 | Attack Complexity | Medium |
| CVSS Exploit Score | 6.8 | Authentication | Requires single instance |
Detail
Vulnerability Note VU#236703: ActiveCollab permissions failure

Overview

An authenticated user can view and delete projects or files that they are not assigned to.

I. Description

An authenticated user with no permission to a project can subscribe to the project, delete files, and possibly take other actions by loading a specifically crafted URL. The specific fields for the URL would most likely not be known to the attacker, but a brute force attack could still be used to try all possibilities. ActiveCollab 2.3.1 is known to be vulnerable. Earlier versions may be vulnerable as well.

II. Impact

An authenticated attacker could view or modify projects they are not assigned to, resulting in loss of data integrity and confidentiality. An unauthenticated attacker may also use a cross-site request forgery (XSRF) attack to trick an authenticated user into visiting a specifically crafted malicious URL.

III. Solution

Upgrade to ActiveCollab 2.3.2 or newer.

Vendor Information

References

http://www.activecollab.com/news/activecollab-2-3-2-is-available-for-download/

Thanks to Robin Wood for reporting this vulnerability. This document was written by Jared Allar.
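The two failures the note describes, a missing object-level permission check and a state-changing request accepted without an anti-XSRF token, modelled as an added example. This is illustrative code written for this page, not ActiveCollab's own handlers; the `Project` model, ids and token values are constructed assumptions.

```python
import hmac
from dataclasses import dataclass, field


class NotAuthorized(Exception):
    pass


@dataclass
class Project:
    id: int
    members: set            # user ids assigned to the project
    files: dict = field(default_factory=dict)   # file_id -> file name


def sample_projects():
    # Constructed sample data: project 7 has a single member, user 1.
    return {7: Project(7, {1}, {42: "roadmap.pdf"})}


# Vulnerable pattern (CWE-264): the handler only confirms the caller is logged in
# and that the ids in the URL resolve, so any authenticated user who guesses a
# project/file id can delete the file.
def delete_file_vulnerable(projects, user_id, project_id, file_id):
    if user_id is None:
        raise NotAuthorized("login required")
    del projects[project_id].files[file_id]
    return True


# Hardened pattern: membership in the project is verified before any action,
# and a state-changing request must carry the session's anti-XSRF token.
def delete_file_fixed(projects, user_id, project_id, file_id,
                      session_token, request_token):
    if user_id is None:
        raise NotAuthorized("login required")
    if not request_token or not hmac.compare_digest(session_token, request_token):
        raise NotAuthorized("missing or invalid XSRF token")
    project = projects.get(project_id)
    # One response for "no such project" and "not a member", so id guessing
    # reveals nothing about which project ids exist.
    if project is None or user_id not in project.members:
        raise NotAuthorized("not found")
    if file_id not in project.files:
        raise NotAuthorized("not found")
    del project.files[file_id]
    return True
```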
Original Source
URL: http://www.kb.cert.org/vuls/id/236703
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | | 2 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 68601 | activeCollab Project Permissions Weakness Access Restriction Bypass: activeCollab contains a flaw related to a failure to verify user permissions on a project. This may allow a remote authenticated attacker using a crafted URL to bypass intended access restrictions and subscribe to a project and view or delete project files. |