CVE-2017-15055
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the file attachments of an arbitrary item, copy the password of an arbitrary item to the copy/paste buffer, access the history of an arbitrary item, and edit attributes of an arbitrary directory. To exploit the vulnerability, an authenticated attacker must tamper with the requests sent directly, for example by changing the "item_id" parameter when invoking "copy_item" on items.queries.php.
Las versiones anteriores a la 2.1.27.9 de TeamPass no aplican correctamente el control de acceso de elementos al solicitar items.queries.php. Es posible copiar cualquier elemento arbitrario en un directorio controlado por el atacante, editar cualquier elemento en un directorio de solo lectura, eliminar un elemento arbitrario, eliminar los archivos adjuntos de un elemento arbitrario, copiar la contraseña de un elemento arbitrario en el búfer copy/paste, acceder al historial de un elemento arbitrario y editar los atributos de un directorio arbitrario. Para explotar la vulnerabilidad, un atacante autenticado debe alterar las peticiones enviadas directamente, por ejemplo cambiando el parámetro "item_id" al invocar "copy_item" en items.queries.php.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-10-06 CVE Reserved
- 2017-11-27 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
http://blog.amossys.fr/teampass-multiple-cve-01.html | 2024-08-05 |
URL | Date | SRC |
---|---|---|
https://github.com/nilsteampassnet/TeamPass/commit/5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f | 2019-10-03 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Teampass Search vendor "Teampass" | Teampass Search vendor "Teampass" for product "Teampass" | < 2.1.27.9 Search vendor "Teampass" for product "Teampass" and version " < 2.1.27.9" | - |
Affected
|