CVE-2023-2544 - Vulnerability Details - OpenCVE

Description

Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.

Published: 2023-10-03

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Universitat Politècnica de València (UPV)

UPV PEIX

unaffected

Version	Status	Constraints
`0`	affected	≤ all versions

Configuration 1 [-]

cpe:2.3:a:upv:peix:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

This vulnerability has been fixed in August 2022.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-34023	Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0004.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix

History

Thu, 19 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Upv Peix

MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-10-03T13:03:13.218Z

Updated: 2024-09-19T19:50:13.267Z

Reserved: 2023-05-05T10:22:39.108Z

Link: CVE-2023-2544

Vulnrichment

Updated: 2024-08-02T06:26:09.646Z

NVD

Status : Modified

Published: 2023-10-03T14:15:10.637

Modified: 2024-11-21T07:58:48.017

Link: CVE-2023-2544

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-639

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2544", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2023-05-05T10:22:39.108Z", "datePublished": "2023-10-03T13:03:13.218Z", "dateUpdated": "2024-09-19T19:50:13.267Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "UPV PEIX", "vendor": "Universitat Polit\u00e8cnica de Val\u00e8ncia (UPV)", "versions": [{"lessThanOrEqual": "all versions", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pablo Alcarria Lozano and Germ\u00e1n Planells Garc\u00eda"}], "datePublic": "2023-05-31T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}], "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-10-03T13:03:13.218Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This vulnerability has been fixed in August 2022.<br>"}], "value": "This vulnerability has been fixed in August 2022.\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Authorization Bypass on UPV PEIX", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:09.646Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-19T19:49:59.598861Z", "id": "CVE-2023-2544", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-19T19:50:13.267Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:09.646Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-2544", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-19T19:49:59.598861Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-19T19:50:06.662Z"}}], "cna": {"title": "Authorization Bypass on UPV PEIX", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pablo Alcarria Lozano and Germ\u00e1n Planells Garc\u00eda"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Universitat Polit\u00e8cnica de Val\u00e8ncia (UPV)", "product": "UPV PEIX", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "all versions"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "This vulnerability has been fixed in August 2022.\n", "supportingMedia": [{"type": "text/html", "value": "This vulnerability has been fixed in August 2022.<br>", "base64": false}]}], "datePublic": "2023-05-31T10:00:00.000Z", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.", "supportingMedia": [{"type": "text/html", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-10-03T13:03:13.218Z"}}}, "cveMetadata": {"cveId": "CVE-2023-2544", "state": "PUBLISHED", "dateUpdated": "2024-09-19T19:50:13.267Z", "dateReserved": "2023-05-05T10:22:39.108Z", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "datePublished": "2023-10-03T13:03:13.218Z", "assignerShortName": "INCIBE"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:upv:peix:*:*:*:*:*:*:*:*", "matchCriteriaId": "9071D5EA-1C9F-486A-A75F-29636328DB36", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n en UPV PEIX, que afecta al componente \"pdf_curri_new.php\". Mediante una solicitud POST, un usuario autenticado podr\u00eda cambiar el par\u00e1metro ID para recuperar toda la informaci\u00f3n almacenada de otros usuarios registrados."}], "id": "CVE-2023-2544", "lastModified": "2024-11-21T07:58:48.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cve-coordination@incibe.es", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-03T14:15:10.637", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}]}