CVE-2024-3164
 
- Severity Score
- Exploit Likelihood
- Affected Versions
- Public Exploits: 0
- Exploited in Wild: -
- Decision
Descriptions
In the dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance, a portlet that is and always has been an Admin portlet, are accessible to anyone who has been granted that portlet, not just to CMS Admins. Users who hold the site admin role but not the system admin role should not have access to the System → Maintenance → Tools portlet. Through it, the database username and password are exposed under Log Files, and a DB Dump and other dotCMS content can be downloaded under Tools. Nothing in System → Maintenance should be displayed to users with the site admin role; only system admins must have access to System Maintenance.
OWASP Top 10 - A01) Broken Access Control
OWASP Top 10 - A04) Insecure Design
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-04-01 CVE Reserved
- 2024-04-01 CVE Published
- 2024-04-02 EPSS Updated
- 2024-08-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-552: Files or Directories Accessible to External Parties
CAPEC
- CAPEC-131: Resource Leak Exposure
References (4)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
DotCMS | DotCMS Core | 22.02 | | Affected