CVE-2022-31177

Possible to infer sensitive information through query strings in Flask-AppBuilder

Severity Score

2.7

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an attacker could infer partial password hashes and their respective users. This issue has been fixed in version 4.1.3. Users are advised to upgrade. There are no known workarounds for this issue.

Flask-AppBuilder es un marco de desarrollo de aplicaciones construido sobre el marco de trabajo python Flask. En versiones anteriores a 4.1.3, un usuario administrador autenticado podía consultar a otros usuarios por sus cadenas de contraseñas con sal y hash. Estos filtros podían hacerse al usar cadenas de contraseñas con hash parcial. La respuesta no incluiría las contraseñas con hash, pero un atacante podría inferir los hash de las contraseñas parciales y sus respectivos usuarios. Este problema ha sido corregido en versión 4.1.3. Es recomendado a usuarios actualizar. No se presentan mitigaciones conocidas para este problema

*Credits: N/A

CVSS Scores

NISTv3.1 2.7

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-05-18 CVE Reserved
2022-08-01 CVE Published
2024-02-22 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (2)

URL	Tag	Source
https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.1.3	Release Notes
https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-32ff-4g79-vgfc	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Flask-appbuilder Project Search vendor "Flask-appbuilder Project"		Flask-appbuilder Search vendor "Flask-appbuilder Project" for product "Flask-appbuilder"				< 4.1.3 Search vendor "Flask-appbuilder Project" for product "Flask-appbuilder" and version " < 4.1.3"		-		Affected