CVE-2021-39196 - OpenCVE

pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:C/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pcapture Project	Pcapture

Configuration 1 [-]

cpe:2.3:a:pcapture_project:pcapture:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7
https://github.com/jdhwpgmbca/pcapture/issues/7
https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-09-07T18:55:11

Updated: 2024-08-04T01:58:18.288Z

Reserved: 2021-08-16T00:00:00

Link: CVE-2021-39196

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-09-07T19:15:08.677

Modified: 2022-08-05T10:55:09.787

Link: CVE-2021-39196

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "pcapture", "vendor": "jdhwpgmbca", "versions": [{"status": "affected", "version": "< 3.12"}]}], "descriptions": [{"lang": "en", "value": "pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-07T18:55:11", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"}], "source": {"advisory": "GHSA-3r67-fxpr-p2qx", "discovery": "UNKNOWN"}, "title": "Authenticated non-privileged user can request unfiltered data without adequate permissions in pcapture", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-39196", "STATE": "PUBLIC", "TITLE": "Authenticated non-privileged user can request unfiltered data without adequate permissions in pcapture"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "pcapture", "version": {"version_data": [{"version_value": "< 3.12"}]}}]}, "vendor_name": "jdhwpgmbca"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-287: Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx", "refsource": "CONFIRM", "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"}, {"name": "https://github.com/jdhwpgmbca/pcapture/issues/7", "refsource": "MISC", "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"}, {"name": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7", "refsource": "MISC", "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"}]}, "source": {"advisory": "GHSA-3r67-fxpr-p2qx", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:58:18.288Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-39196", "datePublished": "2021-09-07T18:55:11", "dateReserved": "2021-08-16T00:00:00", "dateUpdated": "2024-08-04T01:58:18.288Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pcapture_project:pcapture:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABACB643-D644-4ABE-A953-6FD6AA8BF2BB", "versionEndExcluding": "3.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater."}, {"lang": "es", "value": "pcapture es una interfaz de servicio web dumpcap de c\u00f3digo abierto. En las versiones afectadas esta vulnerabilidad permite a un usuario autenticado pero sin privilegios usar la API REST para capturar y descargar paquetes sin filtro de captura y sin los permisos adecuados. Esto es importante porque los filtros de captura pueden limitar efectivamente el alcance de la informaci\u00f3n que un usuario puede visualizar en las capturas de datos. Si no se presenta ning\u00fan filtro, pueden capturarse y descargarse todos los datos del segmento de red local donde es ejecutado el programa. La versi\u00f3n 3.12 corrige este problema. No se presenta ninguna soluci\u00f3n, debe actualizar a versi\u00f3n v3.12 o superior"}], "id": "CVE-2021-39196", "lastModified": "2022-08-05T10:55:09.787", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-09-07T19:15:08.677", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/jdhwpgmbca/pcapture/issues/7"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "security-advisories@github.com", "type": "Secondary"}]}