CVE-2023-32696 – Excessive permissions for ckan user
https://notcve.org/view.php?id=CVE-2023-32696
CKAN is an open-source data management system for powering data hubs and data portals. Prior to versions 2.9.9 and 2.10.1, the `ckan` user (equivalent to www-data) owned code and configuration files in the docker container and the `ckan` user had the permissions to use sudo. These issues allowed for code execution or privilege escalation if an arbitrary file write bug was available. Versions 2.9.9, 2.9.9-dev, 2.10.1, and 2.10.1-dev contain a patch.
References: https://github.com/ckan/ckan-docker-base/commit/5483c46ce9b518a4e1b626ef7032cce2c1d75c7d, https://github.com/ckan/ckan-docker-base/security/advisories/GHSA-c74x-xfvr-x5wg
Weakness: CWE-269: Improper Privilege Management
CVE-2023-22746 – CKAN is vulnerable to session secret shared across instances using Docker images
https://notcve.org/view.php?id=CVE-2023-22746
CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the `.env` file, that key was shared across different CKAN instances, making it easy to forge authentication requests. Users overriding the default secret key in their own `.env` file are not affected by this issue. Note that the legacy images (ckan/ckan) located in the main CKAN repo are not affected by this issue.
References: https://github.com/ckan/ckan/commit/44af0f0a148fcc0e0fbcf02fe69b7db13459a84b, https://github.com/ckan/ckan/commit/4c22c135fa486afa13855d1cdb9765eaf418d2aa, https://github.com/ckan/ckan/security/advisories/GHSA-pr8j-v4c8-h62x
Weaknesses: CWE-330: Use of Insufficiently Random Values; CWE-344: Use of Invariant Value in Dynamically Changing Context
CVE-2022-43685
https://notcve.org/view.php?id=CVE-2022-43685
CKAN through 2.9.6 allows account takeover by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user to take over an existing account, including superuser accounts.
References: https://ckan.org, https://ckan.org/blog/get-latest-patch-releases-your-ckan-site-october-2022