CVE-2023-2544 - Vulnerability Details - OpenCVE

Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0004.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Upv	Peix

Configuration 1 [-]

cpe:2.3:a:upv:peix:*:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

This vulnerability has been fixed in August 2022.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix

History

Thu, 19 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-10-03T13:03:13.218Z

Updated: 2024-09-19T19:50:13.267Z

Reserved: 2023-05-05T10:22:39.108Z

Link: CVE-2023-2544

Vulnrichment

Updated: 2024-08-02T06:26:09.646Z

NVD

Status : Modified

Published: 2023-10-03T14:15:10.637

Modified: 2024-11-21T07:58:48.017

Link: CVE-2023-2544

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2544", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2023-05-05T10:22:39.108Z", "datePublished": "2023-10-03T13:03:13.218Z", "dateUpdated": "2024-09-19T19:50:13.267Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "UPV PEIX", "vendor": "Universitat Polit\u00e8cnica de Val\u00e8ncia (UPV)", "versions": [{"lessThanOrEqual": "all versions", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pablo Alcarria Lozano and Germ\u00e1n Planells Garc\u00eda"}], "datePublic": "2023-05-31T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}], "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-10-03T13:03:13.218Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This vulnerability has been fixed in August 2022.<br>"}], "value": "This vulnerability has been fixed in August 2022.\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Authorization Bypass on UPV PEIX", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:09.646Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-19T19:49:59.598861Z", "id": "CVE-2023-2544", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-19T19:50:13.267Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:09.646Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-2544", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-19T19:49:59.598861Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-19T19:50:06.662Z"}}], "cna": {"title": "Authorization Bypass on UPV PEIX", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pablo Alcarria Lozano and Germ\u00e1n Planells Garc\u00eda"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Universitat Polit\u00e8cnica de Val\u00e8ncia (UPV)", "product": "UPV PEIX", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "all versions"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "This vulnerability has been fixed in August 2022.\n", "supportingMedia": [{"type": "text/html", "value": "This vulnerability has been fixed in August 2022.<br>", "base64": false}]}], "datePublic": "2023-05-31T10:00:00.000Z", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.", "supportingMedia": [{"type": "text/html", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-10-03T13:03:13.218Z"}}}, "cveMetadata": {"cveId": "CVE-2023-2544", "state": "PUBLISHED", "dateUpdated": "2024-09-19T19:50:13.267Z", "dateReserved": "2023-05-05T10:22:39.108Z", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "datePublished": "2023-10-03T13:03:13.218Z", "assignerShortName": "INCIBE"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:upv:peix:*:*:*:*:*:*:*:*", "matchCriteriaId": "9071D5EA-1C9F-486A-A75F-29636328DB36", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Authorization bypass vulnerability in UPV PEIX, affecting the component \"pdf_curri_new.php\". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n en UPV PEIX, que afecta al componente \"pdf_curri_new.php\". Mediante una solicitud POST, un usuario autenticado podr\u00eda cambiar el par\u00e1metro ID para recuperar toda la informaci\u00f3n almacenada de otros usuarios registrados."}], "id": "CVE-2023-2544", "lastModified": "2024-11-21T07:58:48.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cve-coordination@incibe.es", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-03T14:15:10.637", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}]}