// For flags

CVE-2020-29604

 

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in MantisBT before 2.24.4. A missing access check in bug_actiongroup.php allows an attacker (with rights to create new issues) to use the COPY group action to create a clone, including all bugnotes and attachments, of any private issue (i.e., one having Private view status, or belonging to a private Project) via the bug_arr[] parameter. This provides full access to potentially confidential information.

Se detectó un problema en MantisBT versiones anteriores a 2.24.4. Una falta de comprobación de acceso en el archivo bug_actiongroup.php permite a un atacante (con derechos para crear nuevos problemas) usar la acción del grupo COPY para crear un clon, incluyendo todas las notas de error y archivos adjuntos, de cualquier problema privado (es decir, uno que tenga el estado de la vista Privada, o pertenece a un Proyecto privado) por medio del parámetro bug_arr[]. Esto proporciona acceso completo a una información potencialmente confidencial

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-12-07 CVE Reserved
  • 2021-01-29 CVE Published
  • 2024-06-03 EPSS Updated
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-862: Missing Authorization
CAPEC
References (2)
URL Tag Source
URL Date SRC
https://mantisbt.org/bugs/view.php?id=27357 2024-08-04
https://mantisbt.org/bugs/view.php?id=27728 2024-08-04
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mantisbt
Search vendor "Mantisbt"
 Mantisbt
Search vendor "Mantisbt" for product "Mantisbt"
 < 2.24.4
Search vendor "Mantisbt" for product "Mantisbt" and version " < 2.24.4"
-
Affected
in Microsoft
Search vendor "Microsoft"
 Windows
Search vendor "Microsoft" for product "Windows"
--
Safe