CVE-2022-2653 - OpenCVE

With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Planka	Planka

Configuration 1 [-]

cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418
https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70

History

No history.

MITRE

Status: PUBLISHED

Assigner: @huntrdev

Published: 2022-08-04T09:35:25

Updated: 2024-08-03T00:46:03.421Z

Reserved: 2022-08-04T00:00:00

Link: CVE-2022-2653

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-04T10:15:08.060

Modified: 2022-08-10T13:48:50.183

Link: CVE-2022-2653

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "plankanban/planka", "vendor": "plankanban", "versions": [{"lessThan": "1.5.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-04T09:35:25", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}], "source": {"advisory": "5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "discovery": "EXTERNAL"}, "title": "Path Traversal in plankanban/planka", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-2653", "STATE": "PUBLIC", "TITLE": "Path Traversal in plankanban/planka"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "plankanban/planka", "version": {"version_data": [{"version_affected": "<", "version_value": "1.5.1"}]}}]}, "vendor_name": "plankanban"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}, {"name": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418", "refsource": "MISC", "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}]}, "source": {"advisory": "5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:46:03.421Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}]}]}, "cveMetadata": {"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2653", "datePublished": "2022-08-04T09:35:25", "dateReserved": "2022-08-04T00:00:00", "dateUpdated": "2024-08-03T00:46:03.421Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CB549-0F44-4B52-8130-E1A385F24A4A", "versionEndExcluding": "1.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}, {"lang": "es", "value": "Con esta vulnerabilidad un atacante puede leer muchos archivos confidenciales como los archivos de configuraci\u00f3n, o el archivo /proc/self/environ, que contiene la variable de entorno usada por el servidor web que incluye las credenciales de la base de datos. Si el usuario del servidor web es root, un atacante podr\u00e1 leer cualquier archivo del sistema"}], "id": "CVE-2022-2653", "lastModified": "2022-08-10T13:48:50.183", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-04T10:15:08.060", "references": [{"source": "security@huntr.dev", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@huntr.dev", "type": "Primary"}]}