CVE-2020-15251 - OpenCVE

In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mirahezebots	Channelmgnt

Configuration 1 [-]

cpe:2.3:a:mirahezebots:channelmgnt:*:*:*:*:*:sopel:*:*

No data.

References

Link	Providers
https://github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg
https://github.com/MirahezeBots/sopel-channelmgnt/pull/3
https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5
https://phab.bots.miraheze.wiki/T117
https://phab.bots.miraheze.wiki/phame/live/1/post/1/summary/
https://pypi.org/project/sopel-plugins.channelmgnt/

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-10-13T17:15:17

Updated: 2024-08-04T13:08:23.235Z

Reserved: 2020-06-25T00:00:00

Link: CVE-2020-15251

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-10-13T18:15:12.780

Modified: 2021-11-18T16:58:22.267

Link: CVE-2020-15251

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "sopel-channelmgnt", "vendor": "MirahezeBots", "versions": [{"status": "affected", "version": "< 1.0.3"}]}], "descriptions": [{"lang": "en", "value": "In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-10-15T18:44:01", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/MirahezeBots/sopel-channelmgnt/pull/3"}, {"tags": ["x_refsource_MISC"], "url": "https://phab.bots.miraheze.wiki/T117"}, {"tags": ["x_refsource_MISC"], "url": "https://pypi.org/project/sopel-plugins.channelmgnt/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg"}, {"tags": ["x_refsource_MISC"], "url": "https://phab.bots.miraheze.wiki/phame/live/1/post/1/summary/"}], "source": {"advisory": "GHSA-j257-jfvv-h3x5", "discovery": "UNKNOWN"}, "title": "Privilege Escalation in Channelmgnt plug-in for Sopel", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15251", "STATE": "PUBLIC", "TITLE": "Privilege Escalation in Channelmgnt plug-in for Sopel"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "sopel-channelmgnt", "version": {"version_data": [{"version_value": "< 1.0.3"}]}}]}, "vendor_name": "MirahezeBots"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-863: Incorrect Authorization"}]}]}, "references": {"reference_data": [{"name": "https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5", "refsource": "CONFIRM", "url": "https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5"}, {"name": "https://github.com/MirahezeBots/sopel-channelmgnt/pull/3", "refsource": "MISC", "url": "https://github.com/MirahezeBots/sopel-channelmgnt/pull/3"}, {"name": "https://phab.bots.miraheze.wiki/T117", "refsource": "MISC", "url": "https://phab.bots.miraheze.wiki/T117"}, {"name": "https://pypi.org/project/sopel-plugins.channelmgnt/", "refsource": "MISC", "url": "https://pypi.org/project/sopel-plugins.channelmgnt/"}, {"name": "https://github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg", "refsource": "MISC", "url": "https://github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg"}, {"name": "https://phab.bots.miraheze.wiki/phame/live/1/post/1/summary/", "refsource": "MISC", "url": "https://phab.bots.miraheze.wiki/phame/live/1/post/1/summary/"}]}, "source": {"advisory": "GHSA-j257-jfvv-h3x5", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:08:23.235Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/MirahezeBots/sopel-channelmgnt/pull/3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://phab.bots.miraheze.wiki/T117"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pypi.org/project/sopel-plugins.channelmgnt/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://phab.bots.miraheze.wiki/phame/live/1/post/1/summary/"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15251", "datePublished": "2020-10-13T17:15:17", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:23.235Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mirahezebots:channelmgnt:*:*:*:*:*:sopel:*:*", "matchCriteriaId": "E10F251F-1B86-43BA-9710-9886B13C1D93", "versionEndExcluding": "1.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg."}, {"lang": "es", "value": "En el plug-in Channelmgnt para Sopel (un bot de IRC Python) anterior a la versi\u00f3n 1.0.3, los usuarios maliciosos pueden op/voice y tomar el control de un canal. Esta es una vulnerabilidad de bypass ACL. Este plugin est\u00e1 incluido en MirahezeBot-Plugins con versiones a partir de la versi\u00f3n 9.0.0 y menos de la versi\u00f3n 9.0.2 afectadas. La versi\u00f3n 9.0.2 incluida la versi\u00f3n 1.0.3 de channelmgnt, y por lo tanto est\u00e1 a salvo de esta vulnerabilidad. Ver la referencia GHSA-23pc-4339-95vg"}], "id": "CVE-2020-15251", "lastModified": "2021-11-18T16:58:22.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2020-10-13T18:15:12.780", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/MirahezeBots/sopel-channelmgnt/pull/3"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5"}, {"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "https://phab.bots.miraheze.wiki/T117"}, {"source": "security-advisories@github.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "https://phab.bots.miraheze.wiki/phame/live/1/post/1/summary/"}, {"source": "security-advisories@github.com", "tags": ["Product", "Third Party Advisory"], "url": "https://pypi.org/project/sopel-plugins.channelmgnt/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "security-advisories@github.com", "type": "Secondary"}]}