// For flags

CVE-2023-48294

Broken Access control on Graphs Feature in LibreNMS

Severity Score

4.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions of LibreNMS when a user accesses their device dashboard, one request is sent to `graph.php` to access graphs generated on the particular Device. This request can be accessed by a low privilege user and they can enumerate devices on librenms with their id or hostname. Leveraging this vulnerability a low privilege user can see all devices registered by admin users. This vulnerability has been addressed in commit `489978a923` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

LibreNMS es un monitor de red basado en PHP/MySQL/SNMP con descubrimiento automático que incluye soporte para una amplia gama de hardware de red y sistemas operativos. En las versiones afectadas de LibreNMS, cuando un usuario accede al panel de su dispositivo, se envía una solicitud a `graph.php` para acceder a los gráficos generados en el dispositivo en particular. Un usuario con privilegios bajos puede acceder a esta solicitud y puede enumerar dispositivos en librenms con su identificación o nombre de host. Aprovechando esta vulnerabilidad, un usuario con privilegios bajos puede ver todos los dispositivos registrados por los usuarios administradores. Esta vulnerabilidad se solucionó en el commit `489978a923` que se incluyó en la versión 23.11.0. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-11-14 CVE Reserved
  • 2023-11-17 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-08-02 First Exploit
  • 2024-10-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Librenms
Search vendor "Librenms"
Librenms
Search vendor "Librenms" for product "Librenms"
< 23.11.0
Search vendor "Librenms" for product "Librenms" and version " < 23.11.0"
-
Affected